[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
RE: runcon vs newrole
- From: "Clarkson, Mike R \(US SSA\)" <mike clarkson baesystems com>
- To: "Stephen Smalley" <sds tycho nsa gov>, "Daniel J Walsh" <dwalsh redhat com>
- Cc: fedora-selinux-list redhat com
- Subject: RE: runcon vs newrole
- Date: Tue, 22 May 2007 13:26:35 -0700
Thanks for the response.
Based on your comments, am I correct in thinking that it is better to
provide trusted selinux aware domains access to runcon rather than
newrole, since runcon will restrict those domains to do only what the
selinux policy allows?
> -----Original Message-----
> From: Stephen Smalley [mailto:sds tycho nsa gov]
> Sent: Monday, May 21, 2007 12:02 PM
> To: Daniel J Walsh
> Cc: Clarkson, Mike R (US SSA); fedora-selinux-list redhat com
> Subject: Re: runcon vs newrole
>
> On Tue, 2007-05-15 at 14:24 -0400, Daniel J Walsh wrote:
> > Clarkson, Mike R (US SSA) wrote:
> > > What are the differences between and advantages/disadvantages of
the
> > > following two commands:
> > >
> > > runcon -l s1 <cmd>
> > > newrole -l s1 --c <cmd>
> > >
> > >
> > > --
> > > fedora-selinux-list mailing list
> > > fedora-selinux-list redhat com
> > > https://www.redhat.com/mailman/listinfo/fedora-selinux-list
> > >
> > Of the top of my head
> >
> > newrole will change the terminal to the level you want to output.
So if
> > the app read/writes to the terminal it will work.
> >
> > runcon will not so terminal apps will fail. Writing SystemHigh to a
> > SystemLow terminal should not work.
>
> Further, newrole runs in its own domain and allows for transitions
from
> less privileged contexts to more privileged contexts, while runcon
runs
> in the caller's domain and requires the caller to already be
> sufficiently privileged to directly make the transition.
>
> --
> Stephen Smalley
> National Security Agency
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]