I wanted to open a discussion for F12 about running services on shell accounts.
Bruno Wolff III
bruno at wolff.to
Tue May 5 00:36:18 UTC 2009
On Mon, May 04, 2009 at 10:21:14 -0400,
Daniel J Walsh <dwalsh at redhat.com> wrote:
>>
> The suggesting here is to use dbus to start applications in terminal
> shell as the same user UID, not to have the system dbus start the app.
> So I fail to see how this affects auditing. The goal here is to run
> restorecond as my UID. Not Root. Adding some module to pam does not
> help the multiple restorecond programs running, problem. And I still
> have the problem of cleaning up in the pam stack on exit.
I don't think you understand what my comcern is. It may be that it isn't
a big enough risk that its worth worrying about. But I'll try to describe
it better.
The user has some files in is home directory label say special_t that are
not writeable by processes except for a few given processes. There are
some processes which read these files (but not ones labelled user_home_t)
and do things where one would be concerned if bad data was in these files.
These files' names are known to selinux for relabelling purposes.
Some app is run by the user. This app then removes files labelled special_t
and creates new ones with the same names labelled user_home_t as normal.
The daemon process then relabels these files to special_t and bad things
proceed to happen.
More information about the fedora-devel-list
mailing list