[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: LSM-based systems and debian packages

On Tue, 2 Dec 2003 08:48, Andreas Barth <aba@not.so.argh.org> wrote:
> * Russell Coker (russell@coker.com.au) [031201 05:10]:
> > On Mon, 1 Dec 2003 07:43, Andreas Barth <aba@not.so.argh.org> wrote:
> > > What about the gettys? I'm asking this because I wrote the initial
> > > mail because of mgetty, a package where I expect some non-standard
> > > setup (though of course, I could be wrong, as I don't know much about
> > > this topic).

> Well, mgetty (and vgetty for voice) does also in addition to normal login
> - receive faxes (and can start a whole bunch of things with receiving
>   faxes, like printing, forwarding per mail, ...)
> - receive voice messages (to these apply the same option as to faxes)
> - fire up pppd
> - fire up uucico
> - fire up [any custom programm, if configured by the system
>   administrator]

This will require some new policy.

There is currently no uucp policy (it seems that no SE Linux users are using 
it).  For pppd something like domain_auto_trans(getty_t, pppd_exec_t, pppd_t) 
should do it.  For faxes and voice messages there is probably needed some 
policy for fax and voice software.

http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page

Reply to: