[redhat-lspp] Re: [PATCH 2/3] Re: MLS enforcing PTYs, sshd, and newrole
Daniel J Walsh
dwalsh at redhat.com
Thu Jan 4 22:20:22 UTC 2007
Casey Schaufler wrote:
> --- Daniel J Walsh <dwalsh at redhat.com> wrote:
>
>
>> We still have a problem on MLS machines, in that
>> newrole can be used to
>> pass data via pseudo terminals.
>>
>> script
>> newrole -l SystemHigh
>> cat TopSecret.doc
>> ^d
>> ^d
>> cat typescript
>>
>> I propose we add this patch to newrole to check if
>> we are on a pseudo
>> terminal and then fail if user is using -l.
>>
>> Basically this patch checks the major number of the
>> stdin, stdout,
>> stderr for a number in the pseudo number range, If
>> yes the pseudo
>> terminal, if not continue. Not pretty but it solves
>> the problem. I
>> could not figure out another way to check if you are
>> on a pseudo terminal.
>>
>> Comments?
>>
>
> Are you 100% certain that this is only a pty
> issue? Any chance you'll have a similar problem
> with other devices, pipes, fifos, UDS or the like?
> My pair of Lincolns says otherwise, but they've
> been wrong before.
>
>
>
That would probably be a fool's bet. There are other checks in newrole
to make sure it is talking to a terminal, though. I worry that I have
hit all the pseudo terminals though. I am hoping others smarter than me
in the kernel would know.
> Casey Schaufler
> casey at schaufler-ca.com
>
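The check the patch under discussion describes, classifying stdin, stdout and stderr by the character-device major number so newrole can refuse `-l` when it is running on a pseudo terminal, written out as an added example (not the newrole source and not the patch itself). It assumes Linux's documented major assignments for pseudo terminals (2 and 3 for the legacy BSD masters and slaves, 128-135 and 136-143 for Unix98 masters and slaves); it also classifies non-terminal descriptors (pipes, fifos, sockets) separately, which is where the existing isatty-style checks in newrole already refuse. The hypothetical helpers `check_fresh_pty` and `check_pipe_not_pty` only exercise the classifier on a freshly allocated pty slave and on a pipe.

```c
/* Added example: classify the standard streams by device major number, as the
 * newrole patch described in the thread does. Not newrole's own code. Major
 * numbers are assumed from Linux's Documentation/admin-guide/devices.txt. */
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/sysmacros.h>
#include <unistd.h>

enum fd_kind { FD_ERROR = -1, FD_NOT_TTY = 0, FD_PTY = 1, FD_OTHER_TTY = 2 };

/* Linux character-device majors used by pseudo terminals (assumed). Note that a
 * Unix98 master opened through /dev/ptmx is char 5,2 and is not matched here;
 * the slave side is what a child of `script` sees on fds 0-2. */
static int major_is_pty(unsigned int maj)
{
    return maj == 2 || maj == 3              /* legacy BSD pty masters / slaves */
        || (maj >= 128 && maj <= 143);       /* Unix98 masters 128-135, slaves 136-143 */
}

enum fd_kind classify_fd(int fd)
{
    struct stat st;
    if (fstat(fd, &st) != 0)
        return FD_ERROR;
    if (!S_ISCHR(st.st_mode))
        return FD_NOT_TTY;                   /* pipe, fifo, socket, regular file */
    if (major_is_pty(major(st.st_rdev)))
        return FD_PTY;
    return isatty(fd) ? FD_OTHER_TTY : FD_NOT_TTY;
}

/* Returns 1 if any of stdin/stdout/stderr is a pseudo terminal, else 0. */
int stdio_on_pty(void)
{
    int fds[3] = { STDIN_FILENO, STDOUT_FILENO, STDERR_FILENO };
    for (int i = 0; i < 3; i++)
        if (classify_fd(fds[i]) == FD_PTY)
            return 1;
    return 0;
}

/* Hypothetical self-check: allocate a Unix98 pty and confirm its slave is
 * recognised. Returns 1 if recognised, 0 if not, -1 if no pty could be
 * allocated (for example when /dev/pts is not mounted). */
int check_fresh_pty(void)
{
    int master = posix_openpt(O_RDWR | O_NOCTTY);
    if (master < 0)
        return -1;
    if (grantpt(master) != 0 || unlockpt(master) != 0) { close(master); return -1; }
    const char *name = ptsname(master);
    if (!name) { close(master); return -1; }
    int slave = open(name, O_RDWR | O_NOCTTY);
    if (slave < 0) { close(master); return -1; }
    int ok = (classify_fd(slave) == FD_PTY);
    close(slave);
    close(master);
    return ok;
}

/* Hypothetical self-check: a pipe end must never be classified as a pty.
 * Returns 1 when it is reported as FD_NOT_TTY, 0 otherwise, -1 on error. */
int check_pipe_not_pty(void)
{
    int p[2];
    if (pipe(p) != 0)
        return -1;
    enum fd_kind kind = classify_fd(p[0]);
    close(p[0]);
    close(p[1]);
    return kind == FD_NOT_TTY;
}

int main(void)
{
    if (stdio_on_pty()) {
        fprintf(stderr, "refusing: a standard stream is on a pseudo terminal\n");
        return 1;
    }
    puts("standard streams are not on a pseudo terminal");
    return 0;
}
```

Because the check keys on the slave's major number rather than on the terminal name, it is unaffected by the tty being renamed or symlinked, but it is only as complete as the list of majors; that is the gap the reply above worries about.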