[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: how does rpm work under Selinux

From: Stephen Smalley <sds tycho nsa gov>
To: Ivan Gyurdiev <ivg2 cornell edu>
Cc: Mike Hearn <mike navi cx>, Rudi Chiarito <nutello sweetness com>, fedora-selinux-list redhat com
Subject: Re: how does rpm work under Selinux
Date: Wed, 01 Jun 2005 07:33:30 -0400

On Tue, 2005-05-31 at 22:20 -0400, Ivan Gyurdiev wrote:
> Actually, I think all a rogue package has to do to subvert the SELinux
> scheme is to install itself where the regexps expect, and it will get
> labeled as a privileged process. 
> 
> It's certainly possible to restrict rpm on a SELinux system. I believe
> the current policy prevents it from writing to /etc/shadow, unless a
> tunable is on.
> 
> On the other hand I am suspicious whether this protection works at all -
> it probably allows the rpm to install an executable over an auth_write
> binary, at which point it can just install a hostile executable there,
> and the battle is lost.
> 
> I could be wrong though - I hadn't looked at the rpm policy until now...

Yes, rpm is effectively unrestricted at present.

-- 
Stephen Smalley
National Security Agency

References:
- Re: how does rpm work under Selinux
  - From: Rudi Chiarito
- Re: how does rpm work under Selinux
  - From: Ivan Gyurdiev

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]