Davide Bolcioni wrote:
Could SELinux be used to prevent this and, more generally, disallow
replacement of rpm-controlled files even by the root user?

That would be incredibly annoying and is not where we want to go... It
would complicate updates and installs and configuration and everything
that is normal administration.

I disagree, I think this would improve the security of the distribution.
I would not recommend making such changes to targeted policy, but it
seems potentially valuable to strict.

Granting all powers to root is dangerous, we should be moving in the
opposite direction, from coarse-grained security towards fine-grained
security. I.e. applications run as sysadm_t which don't need install
(and relabeling) privileges shouldn't have them.

I see no reason why my accidental execution of a hostile script as
sysadm_t should have the powers to take over my computer.

I think strict policy has already been changed to run in an
underprivileged role by default (staff_r) for root logins, so I'm not
sure if more needs to be done...