[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: SELinux issues



On Wed, 2004-04-21 at 19:34, Colin Walters wrote:
> On Wed, 2004-04-21 at 18:57, Thomas Bleher wrote:
> > A full solution requires modifications to fam: it should check the
> > security context of the caller (like it does already with uid and gid)
> > and only monitor the files if they can be accessed by the caller.
> 
> Right - I think someone here looked at doing that and just gave up.  We
> have someone working on writing a new file monitoring system, hopefully
> something will happen there soon.

I don't know that it would be technically difficult to modify famd to
perform such checks (and SELinux does export an API for performing such
checks that is already used by other programs), but you would still have
a situation where famd would have to be highly trusted and a potential
conduit through which domains could communicate in violation of the
policy.  It would be preferable to instantiate separarate famd's per
client context.

-- 
Stephen Smalley <sds epoch ncsc mil>
National Security Agency


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]