newrole using SELinux user identity for password lookups

Colin Walters walters at redhat.com
Wed Apr 21 19:48:16 UTC 2004


On Wed, 2004-04-21 at 15:40, Stephen Smalley wrote:

> I'd rather move away from asking for a password at all in newrole, and
> substitute some other user confirmation mechanism (one that doesn't risk
> exposure of a secret).

Ok.  Well, do you (or anyone else, Dan?) have any suggestions for the
short term?  For FC2 we could just tell users to always use 'su'.  The
unfortunate thing here is that Fedora users who are reading upstream
docs will get exactly the opposite information :/

> > Yeah.  It seems there is some work in this area going on:
> > http://shellcode.org/Kernel/tpe/
> 
> TPE is _not_ related to the classical notion of trusted path at all.
> Type Enforcement is a better mechanism for providing the equivalent
> functionality of TPE.   Trusted path is described in the latter part of
> http://www.nsa.gov/selinux/papers/inevitability/#2 , among other places.

I'd just briefly glanced at the TPE page.  Looking at it more carefully
I think you're right.