That was my understanding of SELinux. You could run a crazy program
that has root privileges, is hackable, has no SELinux policy, and all
that effort was for naught.
It goes more like:
- "I have a crazy program that has root privileges, is hackable, has no
SELinux policy"
- "I'll write a SELinux policy for it"
- "Now the program's still hackable, but at least it doesn't break
anything else when it gets hacked"
I'm not sure what you expect to happen - policy should write itself?
Programs without a policy run in a high privilege domain, because we
still want those programs to work, even though nobody has written a
policy for them. It's easy to restrict those programs to run in a low
privilege domain. Then they wouldn't work at all, and you'd only be able
to run confined programs - I doubt this is what you want.
Note that strict policy confines a lot more things than targeted does -
it's meant to be used in a locked-down environment.
(Unfortunately it seems broken at the moment, but I'm sure most of it
will be fixed by FC5).
--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list