setting files attributes

Stephen Smalley sds at epoch.ncsc.mil
Thu Apr 15 12:26:49 UTC 2004


On Thu, 2004-04-15 at 08:18, Gene Czarcinski wrote:
> What make -C /etc/security/selinux/src/policy/ relabel appears to do is to go 
> through the all mounted filesystems and set the attributes depending on the 
> rules it has.  The question is, does it follow symbolic links or not.  If it 
> does not, then there should not be a problem as long as all of the policy 
> rules always use the actual (non-symbolic-link) path AND make sure we do also 
> if we do something manually.

setfiles does not follow symlinks during the traversal (FTW_PHYS).  It
also attempts to detect multiple hard links to the same file and issue
warnings if they would yield different security contexts.

> However, I can see a problem occurring if it does follow symbolic links 
> because the process likely occurs in sorted order.  Now /tmp is clears (or so 
> it says and, I hope, that means /var/tmp/ also), so I should not be able to 
> rename /usr/X11R6/bin/Xorg.  However, what if I had a symbolic link from my 
> home directory to something in /etc.  Would that get mislabeled?

setfiles doesn't follow symlinks during the traversal, but there is a
legitimate concern about malicious symlinks created during the traversal
after descent.  At present, this is mitigated by policy - setfiles is
not allowed to follow untrustworthy symlinks.

-- 
Stephen Smalley <sds at epoch.ncsc.mil>
National Security Agency
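As an added illustration (not setfiles' own code), here is a small relabel walk in Python that shows the two behaviours described above: the traversal labels symlinks but never follows them (the FTW_PHYS rule), and it warns when two hard links to one inode would receive different contexts. The spec list and the directory tree it builds are constructed for the example.

```python
import os
import re
import stat
import tempfile

# Constructed spec list in file_contexts style; the last matching spec wins, as in setfiles.
SPECS = [
    (r"^/etc(/.*)?$", "system_u:object_r:etc_t"),
    (r"^/etc/shadow$", "system_u:object_r:shadow_t"),
    (r"^/home/[^/]+(/.*)?$", "user_u:object_r:user_home_t"),
]

def lookup(path):
    ctx = None
    for pattern, context in SPECS:
        if re.match(pattern, path):
            ctx = context
    return ctx

def relabel(root):
    """Walk root without following symlinks (FTW_PHYS). Returns (labels, warnings):
    labels maps path -> context; warnings lists hard links that would get different ones."""
    labels, seen, warnings = {}, {}, []
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            full = os.path.join(dirpath, name)
            st = os.lstat(full)  # lstat: inspect the link itself, not its target
            rel = "/" + os.path.relpath(full, root).replace(os.sep, "/")
            ctx = lookup(rel)
            labels[rel] = ctx
            # Directories normally have st_nlink >= 2, so only regular files are checked.
            if stat.S_ISREG(st.st_mode) and st.st_nlink > 1:
                key = (st.st_dev, st.st_ino)
                if key in seen and seen[key][1] != ctx:
                    warnings.append((seen[key][0], rel, seen[key][1], ctx))
                seen.setdefault(key, (rel, ctx))
    # A symlink swapped in after lstat (the race mentioned above) is not handled here.
    return labels, warnings

def build_fixture():
    """Constructed tree: etc/shadow hard-linked into home/alice, plus a symlink back to etc."""
    root = tempfile.mkdtemp()
    os.makedirs(os.path.join(root, "etc"))
    os.makedirs(os.path.join(root, "home", "alice"))
    shadow = os.path.join(root, "etc", "shadow")
    open(shadow, "w").close()
    os.link(shadow, os.path.join(root, "home", "alice", "shadow_link"))
    os.symlink(os.path.join(root, "etc"), os.path.join(root, "home", "alice", "to_etc"))
    return root
```

Running `relabel(build_fixture())` labels the symlink `to_etc` as a home entry without descending into it, and reports one hard-link conflict between `/etc/shadow` and `/home/alice/shadow_link`.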



