[redhat-lspp] Re: [PATCH 2/3] Re: MLS enforcing PTYs, sshd, and newrole
Joshua Brindle
jbrindle at tresys.com
Fri Jan 5 03:35:45 UTC 2007
> From: Klaus Weidner [mailto:klaus at atsec.com]
>
> On Thu, Jan 04, 2007 at 10:05:57PM -0500, Joshua Brindle wrote:
> > Hardcoding types into code makes it inflexible to policy
> changes, this
> > is a bad idea IMO, the tty whitelist, however, is probably
> the way to
> > go. I don't know if we should use the existing
> /etc/securetty or add
> > our own file though.
>
> I'm not sure if the existing /etc/securetty is the right one,
> since people may make serial terminals available to users but
> would not want direct root login on those. Well, maybe not
> terribly likely these days.
>
> Instead of hardcoded types, how about a configurable type or
> a /etc/securettytypes file that contains the types instead of
> tty names?
Sure, the securettycontexts might be the way to go. I'm dubious about
just making this happen for level changes though, you shouldn't be able
to bypass any part of the security policy using newrole.
More information about the redhat-lspp
mailing list