GNU Common Lisp (gcl) - need a new security context?
Andrew Haley
aph at redhat.com
Sat Sep 6 09:29:22 UTC 2008
Paul Howarth wrote:
> On Fri, 05 Sep 2008 16:54:43 -0400 (EDT)
> "David A. Wheeler" <dwheeler at dwheeler.com> wrote:
>
>> I think it'd be better to create an SELinux security context that grants
>> additional memory privileges that can be used ONLY when the
>> program actually _NEEDS_ those privileges (e.g., it uses
>> a gcl runtime requiring additional privileges).
>> Documenting a "recipe" for how to create such a
>> thing would be a good idea - but you'd need to recreate it for
>> every program compiled by gcl, ugh. I think it'd be better to
>> have a standard context for this case (the current "unconfined" really
>> is confined; maybe the new one is "really_unconfined"?).
>> Having some processes less confined is better than disabling
>> the security mechanisms for the entire system.
Indeed. The SELinux approach is not to disable such features for a
whole system, but to provide fine-grained access control for those
parts that need it.
> This is the approach taken for mono and java, which have similar issues.
>
> If you use a context type of java_exec_t for something using the gcl
> runtime, does it work?
Is it every program created by gcl that needs this access, or just
gcl itself?
Andrew.