[redhat-lspp] Re: [PATCH 2/3] Re: MLS enforcing PTYs, sshd, and newrole
Stephen Smalley
sds at tycho.nsa.gov
Tue Oct 31 14:24:41 UTC 2006
On Tue, 2006-10-31 at 09:23 -0500, Stephen Smalley wrote:
> On Mon, 2006-10-30 at 15:16 -0500, James Antill wrote:
> > On Mon, 2006-10-30 at 15:03 -0500, James Antill wrote:
> > > On Fri, 2006-10-27 at 14:38 -0400, Stephen Smalley wrote:
> > >
> > > > Look at Darrel's patch for mcstransd to apply a permission check between
> > > > the level of the caller and the level being translated for context
> > > > translations.
> > >
> > > Thanks to much discussion with Dan and Stephen, I'm pretty sure I have
> > > this correct now.
> >
> >
> > Here is the reference policy part of the patches (libselinux came
> > previously and PAM is next).
>
> In addition to the permission name, I'd have expected the rule (and the
> check in the code) to always use the same type in both contexts, so the
> rules could just be:
> allow $1 self:context <permissionname>;
>
> Not allow $1 domain:context, which will yield many more rules without
> any real justification.
I'm also unclear as to what you are checking - you seem to be putting
this in authlogin, but I had expected this to be a check between two
user contexts, identical in all respects except for the MLS ranges (one
from seusers, one from the user-supplied input).
--
Stephen Smalley
National Security Agency
More information about the redhat-lspp
mailing list