
Re: LSM-based systems and debian packages



On Wed, 3 Dec 2003 00:56, Peter Palfrader <weasel@debian.org> wrote:
> > I've attached a modified version, please check it out.  I've changed some
> > of the things to do it in the recommended manner (eg the
> > system_crond_entry() macro), and removed some things.
> >
> > The part for running ssh looked suspect, I think it's probably best to
> > just have can_exec(uucp_t, ssh_exec_t).
>
> The ssh port, which is often used to establish a secure line to the
> remote peer, needs to run ssh to connect to a remote host.
>
> Just using can_exec(uucp_t, ssh_exec_t) is not sufficient, we would also
> need to read random devices, open network connections, etc.  For a more
> general policy, using the network might be necessary for the tcp port
> anyway, but I don't use that.

Why not just permit the uucp domain to do that?  Or if you really want to 
create a new domain then do it in a way that does not overload "home" in type 
names (confusion over what constitutes a USER home directory is not something 
we want).

> I have added the ssh parts back to my policy, the rest seems to work.
>
> What is mta_user_agent for and why would it need to write to our spool?

postfix_postdrop_t has the attribute mta_user_agent.  If you want to ever get 
it working on other mail servers then using attributes such as mta_user_agent 
is necessary.  If you use the attributes correctly then it should be possible 
to have it work with any mail server.

Please send me a new copy of your policy.

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page


