[redhat-lspp] LSPP/RBACPP requirements v.002
Steve Grubb
sgrubb at redhat.com
Wed Sep 28 17:24:59 UTC 2005
On Wednesday 28 September 2005 13:02, Stephen Smalley wrote:
> - I'm a bit unclear on the "Multilevel xinetd" and "Multilevel sshd"
> requirements. Using the label of the incoming connection implies an
> obvious trust burden on the client, and that is all done prior to any
> normal user authentication mechanisms by the application, so it may have
> little relevance to the actual authorized label for the user.
I was thinking the xinetd patch was to get services to start in the right
context and at the right level.
> - On "Self tests", when I posted a RFC on "Checking the loaded policy
> against a policy on disk" on the selinux list, there seemed to be
> significant doubt about a) the practical usefulness of such a feature,
> b) whether it is truly "required" or just a "nice to have", and c)
> whether it even made sense in the absence of similar measures for
> checking the integrity of rest of the kernel. Hence, I haven't pursued
> that further so far.
I think we need a definition of what this consistency check really entails.
Does it check that all audit rules in /etc/audit.rules is currently loaded,
all file permissions & checksums match kind of like tripwire, all MAC rules
are currently loaded?
If so, we need to teach tripwire about extended attributes. I can easily
compare audit rules in the file with what's loaded. Not sure if MAC rules can
be checked without some programming.
-Steve
More information about the redhat-lspp
mailing list