[redhat-lspp] multilevel cron

Stephen Smalley sds at tycho.nsa.gov
Thu Aug 18 13:33:29 UTC 2005


On Wed, 2005-08-17 at 17:58 -0400, Janak Desai wrote:
> Hi all,
> 
> I am working on converting TCS multilevel cron to use
> namespace based polyinstantiation. I can follow their
> logic and come up with an approach that provides an
> ability (to the same user) to submit cron jobs from
> different sensitivity labels. However, if we want to
> extend this beyond MLS/MCS, to cron jobs from different
> roles and domains, additional work will have to be done.
> 
> So .. is there a need to make cron multi-role or
> multi-domain aware (in addition to multi level)? That
> is, is it desirable to allow a user joe to submit
> cron jobs from different roles/domains? Or should I
> just stick to the ability to submit jobs from
> different MLS/MCS labels?

My preference would be to keep the mechanism general and useable for
roles/domains as well as levels (i.e. retain the abstraction of security
contexts).  Note that the role/domain from which the user submits the
job is not necessarily the same as the role/domain in which the cron job
should be run (e.g. even today, cron jobs are run in a derived domain
like user_crond_t to allow them to be distinguished in permissions from
user shells), and you want to allow the mapping to be configurable by
policy.

-- 
Stephen Smalley
National Security Agency



