Re: SELinux error with yum --installroot

Stephen Smalley wrote:

On Wed, 2005-01-05 at 02:21, Bob Kashani wrote:


I read the thread and I seem to understand the technical reason behind
why ldconfig is restricted in the way that it is (the security side of
the issue). But it seems a little harsh from a usability point of view
since for example, you can no longer run ldconfig in a chroot in your
home dir. I like fine grained security but isn't the whole idea behind
policy-targeted to enable security without restricting usability too
much? I would understand not allowing ldconfig to execute in /home with
policy-strict but shouldn't policy-targeted allow you to do this
regardless of the potential security issues? Do the security concerns in
this case outweigh the usability issues?



I'm not clear on why ldconfig runs in its own domain at all under targeted policy (vs. unconfined_t). It used to just run unconfined_t in older versions of the targeted policy. Is it an attempt to preserve the type on /etc/ld.so.cache via the file type transition rules?



Yes.

