[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
Re: Why can not user_t link var_lib_t files?
- From: Stephen Smalley <sds tycho nsa gov>
- To: Göran Uddeborg <goeran uddeborg se>
- Cc: fedora-selinux-list redhat com
- Subject: Re: Why can not user_t link var_lib_t files?
- Date: Mon, 18 May 2009 14:32:14 -0400
On Mon, 2009-05-18 at 20:19 +0200, Göran Uddeborg wrote:
> Stephen Smalley writes:
> > In a least privilege scheme, the question is not why should it be denied
> > but rather what legitimate purpose does user_t have in creating hard
> > links to random files under /var/lib.
>
> That is true, but as I said I didn't think user_t was designed
> following a least privilege scheme. I thought it more was allowed to
> do most random things, with a few exceptions.
>
> (According to the least privilege scheme, the same user should
> probably not be allowed to READ random /var/lib files either. Some
> files and directories, like /var/lib/texmf, should be readable, but
> they have their own type.)
Yes, that's true, but the original example policy was predominantly
focused on integrity goals and that has largely carried through with a
few exceptions, e.g. /etc/shadow.
> > (and if they are in fact
> > served via NFS, then I don't see why they would be in var_lib_t unless
> > you mounted the NFS filesystem with
> > context=system_u:object_r:var_lib_t).
>
> Ah, no. These commands were executed on the server where the files
> are stored. It is the digital-TV box that mounts this directory with
> NFS. But we are not trying to do the editing on that box.
--
Stephen Smalley
National Security Agency
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]