[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Naming convention flames

On Fri, 2 Apr 2004, Dax Kelson wrote:

> I'm a fan of SELinux with it's way enforce the "correct behavior" of
> applications, but if you are just narrowly looking at the a solution for
> granular file permissions, then POSIX file ACLs are all you need.

Perhaps in a very limited way.  You have no central policy for determining
how the ACLs are applied, nor any mechanism for enforcing security policy.  
Management of security can become unwieldy from a user point of view as
the access rights are stored with the objects, e.g. "which files can bilbo
execute?" or "ensure that frodo can't read any files created by pippin"
would involve expensive, non-atomic traversals of entire filesystems.

> Speaking of which, how does SELinux file permissions interact with a
> directory that has a default ACL applied?

SELinux only provides additional restrictions to existing DAC logic, so if
the ACL says "ok", SELinux can still override it.  If the ACL says "no",
access will be denied before SELinux is invoked.

- James
James Morris
<jmorris redhat com>

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]