On Fri, 2004-04-02 at 07:40, murphy pope wrote:
> > SELinux has an independent user identity model, which provides for
> > more rigorous identity based access control than standard Unix. e.g.
> > you can change Unix user id, but not SELinux user id.
>
> And that's a feature is it?

Yes. Bounded privilege escalation.

> > The reason there are separate databases is that there is not a direct
> > mapping between Unix users and SELinux users.
>
> That's not a justification, it's a consequence of the fact that you
> are maintaining a separate database. In other words, that's a bad
> thing, not a good thing.

No, it is a consequence of different security models. And, as James
noted, you need to have a mapping of users to roles regardless of
whether you have an entry in policy/users for every entry in
/etc/passwd or not.

--
Stephen Smalley <sds@xxxxxxxxxxxxxx>
National Security Agency
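As an added illustration of the user-to-role mapping discussed in this thread (example code written here, not from the list or from the SELinux project), a small parser for the `user NAME roles { ... };` statements of the `policy/users` file, plus the lookup a login program would need to turn a Unix login into an SELinux user and its permitted roles. The sample policy lines are constructed, and the fallback of unlisted logins to the generic `user_u` identity is an assumption about the policy of that era.

```python
import re

# Constructed sample of a policy/users file (2004-era syntax); not a real system's policy.
POLICY_USERS = """
user system_u roles system_r;
user user_u roles { user_r };
user root roles { staff_r sysadm_r };
user sds roles { staff_r sysadm_r };
"""

# Matches "user <name> roles <role>;" or "user <name> roles { <role> ... };"
USER_RE = re.compile(r"user\s+(\w+)\s+roles\s+(\{[^}]*\}|\w+)\s*;")


def parse_policy_users(text):
    """Return {selinux_user: set(roles)} from the user statements in text."""
    users = {}
    for name, roles in USER_RE.findall(text):
        users[name] = set(roles.strip("{} ").split())
    return users


def map_login(unix_login, policy_users, default="user_u"):
    """Resolve a Unix login to (selinux_user, allowed_roles).

    A login with its own policy entry keeps its name as the SELinux user;
    anything else is mapped to the generic default identity (assumption:
    user_u). Unlike the Unix uid, this identity is fixed for the session.
    """
    if unix_login in policy_users:
        return unix_login, policy_users[unix_login]
    return default, policy_users[default]


def role_allowed(unix_login, role, policy_users):
    """True if the SELinux user that unix_login maps to may enter role.

    This is the bound on privilege escalation: a login mapped to user_u
    cannot reach sysadm_r no matter what Unix uid it later acquires.
    """
    _, roles = map_login(unix_login, policy_users)
    return role in roles


if __name__ == "__main__":
    users = parse_policy_users(POLICY_USERS)
    for login in ("sds", "alice"):
        su, roles = map_login(login, users)
        print(f"{login} -> {su} roles={sorted(roles)} sysadm_r={role_allowed(login, 'sysadm_r', users)}")
```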