On Thu, 2005-01-06 at 21:31 +1100, Russell Coker wrote: > On Thursday 06 January 2005 02:03, Bogdan Agica <bagica@xxxxxxxxxxxxxxx> > wrote: > > 1. Relabel the script from initrd_exec_t to something else, > > in which case I'll run into problems starting / stopping the programs. > > You could have the init.d script call something else to do the work. So you > split the script into a worker script in /usr/sbin and a start script in the > init.d directory that just calls the worker. That's probably how we're gonna do it. Thanx for the tips. > > 2. Give read access to initrd_t in bitdefender_etc_t and _lib_t, > > which I think is a stupid workaround, providing read access to all > > scripts in /etc/init.d to this dir. > > That's the usual approach. Not ideal but not too bad either. What is the > bitdefender data? initrc_t is a very powerful domain that can break your > system in many ways. Protecting files from it provides little benefit with > the way things work now. The data accessed is not very sensitive (only statistics and settings, not anybody's email messages). However it would be only an workaround, not a fix. > > Is there any way to "inherit" a type (C++like inheritance), e.g. to > > create a type (say bitdefender_initrc_exec_t), which inherits all the > > attributes of it's successor, but adds new functionality? (Would be a > > nice idea if there isn't yet) > > No. Are there any plans for this? I guess it would make things easier for a lot of people. Thanx again for the reply, Bogdan -- Bogdan Agica BitDefender Internal Testing Engineer ------------------------------------- SOFTWIN Data Security Division ------------------------------------- email: bagica@xxxxxxxxxxxxxxx phone: +(4021) 233 18 52; 233 07 80 fax: (+4021) 233.07.63 Bucharest, ROMANIA http://www.bitdefender.com http://www.softwin.ro ------------------------------------- secure your every bit -------------------------------------
Attachment:
signature.asc
Description: This is a digitally signed message part
-- This message was scanned for spam and viruses by BitDefender. For more information please visit http://www.bitdefender.com/
