[redhat-lspp] Comments on Pam-Namspace
Daniel J Walsh
dwalsh at redhat.com
Thu Feb 23 20:02:52 UTC 2006
Janak Desai wrote:
> Daniel J Walsh wrote:
>
>> I now have pam_namespace working with MLS policy, for the /tmp and
>> /var/tmp directory
>>
>> We need to change the namespace.conf file to be
>>
>> /tmp /tmp/.inst-$USER- both root,adm
>> /var/tmp/.inst-$USER- both root,adm
>> #$HOME $HOME/.inst- context
>>
>> Why have the first two commented out? I think you put pam_namespace
>> in the /etc/pam.d file you get /tmp and /var/tmp automatically.
>>
> Ok, I will change the conf file accordingly.
>
>> Also by default for the instance directory should be a subdirectory
>> of the parent.
>
> Agreed. I will update the config file and the README appropriately.
>
>>
>> As far as the polyinstantiation of the home dir. Shouldn't this only
>> happen on none SystemLow contexts?
>>
>> I turned it on and my homedir disappeared which seems strange.
>>
> This is under the control of the policy. The namespace module calls
> security_compute_member library
> function and expects the policy to return appropriate member directory
> context. This member directory
> context is then used for instance directory.
But how do we in policy tell it to do nothing?
>
>> Why do we still use the MD5sum for the directory name. Why not just
>> use the level? Would make it easier to figure out what is going on.
>>
> I was using MD5 hashes to try and obscure the directory name. However,
> now that I know that if
> someone really wants to figure out the context, they can, even if the
> name is hashed. So I can
> remove the use of hash or make it configurable (if anyone still sees
> any benefit of using it).
>
> Will make these changes after I return from the symposium ..
>
> -Janak
>
More information about the redhat-lspp
mailing list