SELinux - back to basics

adrian golding adriangolding at gmail.com
Mon Aug 17 05:05:53 UTC 2009


To refine my questions in the earlier email:
1) Many of the things the attacker can do if he exploits the Samba
vulnerability can be found in the source policy. But there are also so many
other rules in the policy (hundreds?); my question is how do I know if the
other rules matter much? There are >300 rules related to smbd_t, and it
just *seems* a lot can go wrong with the system.

2) How do we verify the part about what the attackers cannot do? Does it
mean that if I cannot find a rule that links smbd_t with user_home_t with the
'read' permission, the attacker cannot read/manipulate user home
directories? Or is it not as trivial?

3) I am assuming ports 137-139 and 445 are labelled smbd_port_t, but where
can I find this assignment in the policy? I am currently using apol.

Thank you


On Mon, Aug 17, 2009 at 10:42 AM, adrian golding <adriangolding at gmail.com> wrote:

> Dear all, can you please point me to the right place:
> with reference to: http://danwalsh.livejournal.com/10131.html
>
> I am interested in how Dan knows what an attacker can make use of the samba
> vulnerability to do by default, and what the attacker cannot do. More
> generally speaking, how do we look at a service or application in a SELinux
> system, and find out what the attacker can and cannot do in the case
> of the service being exploited?
>
> In that page, he looked at some of the relevant booleans and I guess
> "samba_enable_home_dirs ---> off" prevents the attacker from reading/manipulating
> the user's home directories. But what about the rest? What other things can
> an end user (who is not very experienced in SELinux) examine to know what
> the attacker can / cannot do?
>
> Thank you
>
>
>
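Added example, not part of the original thread or of any SELinux project code: a small analyser over a constructed snippet in SELinux policy-source syntax that illustrates questions 2 and 3 above. It shows why a naive search for a rule that names smbd_t and user_home_t together is not enough (a rule can grant access through an attribute such as file_type that user_home_t belongs to) and where port labels live in a compiled policy (portcon statements, which is what `semanage port -l` and apol list). The SAMPLE_POLICY text, the type names samba_share_t / etc_t / nmbd_port_t and all rule bodies are constructed for the example and are not the Fedora policy; on a real system the same questions are answered with setools (`sesearch`, the engine behind apol) against the installed policy. The toy deliberately ignores conditional (boolean-gated) rules such as the samba_enable_home_dirs block Dan's post relies on, and type transitions, so a real answer needs those checked as well.

```python
"""Toy SELinux policy analyser (constructed example).

Parses typeattribute / allow / portcon statements, expands attributes, and
answers "what may domain S do to type T:class?" and "which type labels port N?".
Real analysis should use setools (sesearch / apol) on the installed policy.
"""
import re
from collections import defaultdict

# Constructed sample policy; NOT the real Fedora/refpolicy rules for Samba.
SAMPLE_POLICY = """
attribute file_type;
attribute home_type;
type smbd_t;
type smbd_port_t;
type nmbd_port_t;
type user_home_t;
type samba_share_t;
type etc_t;
typeattribute user_home_t file_type, home_type;
typeattribute samba_share_t file_type;
typeattribute etc_t file_type;
allow smbd_t samba_share_t : dir { read search getattr };
allow smbd_t samba_share_t:file { read getattr open };
allow smbd_t etc_t : file { read getattr open };
allow smbd_t file_type : dir getattr;
allow smbd_t smbd_port_t : tcp_socket { name_bind };
portcon tcp 137-139 system_u:object_r:smbd_port_t:s0
portcon tcp 445 system_u:object_r:smbd_port_t:s0
portcon udp 137 system_u:object_r:nmbd_port_t:s0
"""

# Source and target may be a type OR an attribute; perms are "x" or "{ x y }".
ALLOW_RE = re.compile(r"^allow\s+(\S+)\s+(\S+)\s*:\s*(\S+)\s+(\{[^}]*\}|\S+)\s*;")
TYPEATTR_RE = re.compile(r"^typeattribute\s+(\S+)\s+([^;]+);")
PORTCON_RE = re.compile(r"^portcon\s+(tcp|udp)\s+(\d+)(?:-(\d+))?\s+(\S+)")


def _perm_set(token):
    token = token.strip()
    return set(token.strip("{}").split()) if token.startswith("{") else {token}


def parse_policy(text):
    """Return {'attrs': attribute -> member types, 'rules': allow rules, 'ports': portcon}."""
    attrs = defaultdict(set)
    rules = []   # (source, target, class, perms)
    ports = []   # (proto, low, high, type)
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = TYPEATTR_RE.match(line)
        if m:
            for attr in m.group(2).replace(",", " ").split():
                attrs[attr].add(m.group(1))
            continue
        m = ALLOW_RE.match(line)
        if m:
            rules.append((m.group(1), m.group(2), m.group(3), _perm_set(m.group(4))))
            continue
        m = PORTCON_RE.match(line)
        if m:
            low = int(m.group(2))
            high = int(m.group(3) or low)
            ports.append((m.group(1), low, high, m.group(4).split(":")[2]))
    return {"attrs": attrs, "rules": rules, "ports": ports}


def _matches(name, type_name, attrs):
    """A rule operand matches a type if it IS that type or an attribute containing it."""
    return name == type_name or type_name in attrs.get(name, ())


def rules_naming_type(policy, src, tgt):
    """The naive check: allow rules that literally name both src and tgt."""
    return [r for r in policy["rules"] if r[0] == src and r[1] == tgt]


def allowed_perms(policy, src, tgt, cls):
    """Union of permissions src has on tgt:cls after expanding attributes on both sides."""
    perms = set()
    for rsrc, rtgt, rcls, rperms in policy["rules"]:
        if rcls == cls and _matches(rsrc, src, policy["attrs"]) and _matches(rtgt, tgt, policy["attrs"]):
            perms |= rperms
    return perms


def port_types(policy, proto, port):
    """Types whose portcon statement covers proto/port (empty if unlabelled)."""
    return sorted({t for p, lo, hi, t in policy["ports"] if p == proto and lo <= port <= hi})


POLICY = parse_policy(SAMPLE_POLICY)

if __name__ == "__main__":
    # No rule names user_home_t directly...
    print(rules_naming_type(POLICY, "smbd_t", "user_home_t"))
    # ...yet smbd_t may getattr user_home_t directories via the file_type attribute,
    # while read on files in it is (in this toy) not granted.
    print(allowed_perms(POLICY, "smbd_t", "user_home_t", "dir"))
    print(allowed_perms(POLICY, "smbd_t", "user_home_t", "file"))
    print(port_types(POLICY, "tcp", 445), port_types(POLICY, "tcp", 138))
```

The point the output makes: the literal search returns nothing, but attribute expansion reveals a directory-level permission smbd_t still holds on home directories, so "no rule mentions user_home_t" and "smbd_t cannot touch user_home_t" are different statements. On an installed policy the equivalent queries are `sesearch -A -s smbd_t -t user_home_t -c file -p read` (setools expands attributes for you) and `semanage port -l`, which prints the port ranges mapped to smbd_port_t.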

