Domains, interpreted languages, and Cron scripts

Russell Coker russell at coker.com.au
Sun Aug 15 07:23:16 UTC 2004


On Sun, 15 Aug 2004 16:03, Colin Walters <walters at redhat.com> wrote:
> > One idea: Would it be a good thing to modify Run-parts to transition to a
> > domain named for the Cron script it launches? Doing so would seem to
> > solve my problem, but it might create others <g>.
>
> I don't think it's necessary to modify run-parts.  Instead, inside the
> definition of your foo_script.te file, do something like:

Absolutely.  More than being unnecessary, it's also exceedingly painful to go
and modify lots of programs such as run-parts.

If we did modify run-parts to use a domain name based on the file name, then
run-parts would need code to map the file name to the domain name, thus
removing policy decisions from the policy database in the kernel and putting
them in the application.  Someone who used to work on a different trusted OS
project told me that he thought that the SE Linux design of putting
everything in the policy is absolutely the right thing to do; he had
considerable experience with doing these things as C code compiled into
binaries and found it not to be effective.

An ongoing topic of discussion on the main SE Linux list for years has been
what other modifications should be made to applications.  Most of the
suggestions have been rejected (including some of mine).

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page



