I can see this going towards three 'standard' policies: targeted, tight and strict (where tight is strict with usercanread 'everywhere'). In general, I'm in favor of keeping strict as it is: well defined policies for the mandatory access controls that override the discretionary ones. But then again, I can understand circumstances where one may want something 'in between' targeted and strict. Not sure how to extend this to 'group readable', though. tom [My guess is that when the knowledge-/comfort-level of policy hacking is greater, this will be less of an issue.] On Wed, 15 Sep 2004 16:46:12 -0400, Ivan Gyurdiev <ivg2@xxxxxxxxxxx> wrote: > Bug link: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=129584 > > > Additional Comment #9 From Daniel Walsh (dwalsh@xxxxxxxxxx) on > > 2004-09-15 15:55 > > > Yes there are a lot of files that user can not access. Mainly any > > file that has a security context associated with it and doesn't have > > the attribute usercanread. > > > Again I want to bring this conversation to the public list and come to > > concensus. We can add usercanread to these files, but the question > > than is should a user be able to read all files even if they are world > > readable. > > I don't see why not. If you think the user should not be able > to read those files, then why aren't their permissions flags > set accordingly? If a file was intended to be readable only > by a certain application or only by root then it could have had > the proper user/group/rwx flags set - this restriction could > have been imposed without SELinux. If it is marked > user readable then it seems to me that any user should > be able to read it (or at least that there are no > security reasons to deny it). So why > does SElinux impose restrictions on user_t > that contradict this explicit setting? > > -- > Ivan Gyurdiev <ivg2@xxxxxxxxxxx> > Cornell University > > -- > fedora-selinux-list mailing list > fedora-selinux-list@xxxxxxxxxx > http://www.redhat.com/mailman/listinfo/fedora-selinux-list > -- Tom London
