On Wed, 2004-10-13 at 13:59 -0400, Stephen Smalley wrote:
> From the program/script. Transitions can occur on scripts (if they are
> exec'd), but the caller domain needs to be trusted with respect to the
> new domain (e.g. shedding permissions) in that case due to the lack of
> safety in script execution.

The major threat here is environment variables, right? I wonder what all would break if we changed e.g. bash and python to by default clean the environment before executing the script if it was executed from a domain transition (they could check in the same way glibc does, right?).
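
The check the message asks about, as an added example that is not part of the original thread: glibc decides on secure-execution mode from the `AT_SECURE` entry of the auxiliary vector, and an interpreter could read the same flag at startup and rebuild its environment. The allowlist, the fixed `PATH` and the function names are assumptions made for this illustration.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE            /* clearenv() */
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/auxv.h>

/* Assumed allowlist: variables kept across a transition (illustrative only). */
static const char *const keep[] = { "TERM", "LANG", "LC_ALL", NULL };

/* The kernel sets AT_SECURE for setuid/setgid execs and, under SELinux, for
 * domain transitions where the noatsecure permission is not granted. */
int in_secure_exec(void)
{
    return getauxval(AT_SECURE) != 0;
}

/* Drop everything except the allowlist, then pin PATH to a fixed value.
 * Returns the number of allowlisted variables kept, or -1 on error. */
int scrub_environment(void)
{
    char *saved[sizeof keep / sizeof keep[0]] = { 0 };
    int kept = 0;

    for (size_t i = 0; keep[i]; i++) {        /* copy before clearenv() */
        const char *v = getenv(keep[i]);
        if (v && !(saved[i] = strdup(v)))
            return -1;
    }
    if (clearenv() != 0)
        return -1;
    for (size_t i = 0; keep[i]; i++) {
        if (!saved[i])
            continue;
        if (setenv(keep[i], saved[i], 1) != 0)
            return -1;
        free(saved[i]);
        kept++;
    }
    return setenv("PATH", "/usr/bin:/bin", 1) == 0 ? kept : -1;
}

int main(void)
{
    /* An interpreter would do this before reading any script or rc file. */
    if (in_secure_exec() && scrub_environment() < 0)
        return 1;
    printf("AT_SECURE=%d\n", in_secure_exec());
    return 0;
}
```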