On Tue, 2005-02-22 at 23:26 -0500, Kodungallur Varma wrote:
> I have my Fedora Core 3 SELinux machine set up. I wrote a policy
> to run the following process - spread daemon (Spread tool kit -
> www.spread.org). It's running great with the policy. What I want now
> is some APIs/system calls that I can use to change the security
> context of spread dynamically. In case I am not clear, I am trying to
> modify the spread source code so that spread, while running, can change
> its security contexts dynamically. I downloaded the libselinux.XXX rpm,
> but I could not find any functions that I can use to access the
> functionality. Any help in this regard is greatly appreciated. thanx
> in advance..

Historically, SELinux has only supported security context transitions via execve; the application can explicitly request such a transition by calling setexeccon(3) and then calling execve(), or the policy can specify an automatic transition using the domain_auto_trans() macro based on the calling domain and the type assigned to the program executable. Exec-based transitions are preferable because one can control the inheritance of state and the initialization of the process in the new security context, providing real isolation and protection between the two security contexts.

More recently, a setcon(3) interface was added to support dynamic context transitions as you describe for privilege bracketing by applications that are trusted to maintain separation between the two contexts, but this should only be used with great care and only if an exec-based transition is truly infeasible. As setcon(3) was a very recent change, I'm not sure that it was even included in FC3; you may need a more recent kernel and libselinux for it.

-- 
Stephen Smalley <sds@xxxxxxxxxxxxx>
National Security Agency
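The two mechanisms above side by side, as an added illustration that is not part of this thread and not Spread's code: setexeccon(3) followed by execve() for the preferred exec-based transition, and setcon(3) wrapped so that a trusted process can bracket one piece of work in another context and switch back. The libselinux functions are declared weak so the file builds and runs even where libselinux is missing (it then reports ENOSYS); context_is_well_formed, exec_in_context, run_bracketed and the sample spread_t context are my own names, not anything from the page.

```c
#include <errno.h>
#include <unistd.h>

/* libselinux entry points, declared weak so this file builds and runs even where
 * libselinux is absent (pointers are NULL, we report ENOSYS); link -lselinux for real use. */
extern int  setexeccon(const char *ctx) __attribute__((weak));
extern int  setcon(const char *ctx)     __attribute__((weak));
extern int  getcon(char **ctx)          __attribute__((weak));
extern void freecon(char *ctx)          __attribute__((weak));
extern char **environ;

/* Syntax check for "user:role:type[:level]" before handing it to the kernel:
 * three or four non-empty, whitespace-free, colon-separated fields.  Returns 1 if ok. */
int context_is_well_formed(const char *ctx) {
    int fields = 1;
    if (!ctx || !*ctx || *ctx == ':') return 0;
    for (const char *p = ctx; *p; p++) {
        if (*p == ':') { if (p[1] == ':' || p[1] == '\0') return 0; fields++; }
        else if ((unsigned char)*p <= ' ') return 0;
    }
    return fields >= 3 && fields <= 4;
}

/* Preferred path: request `ctx` for the next execve via setexeccon(3), then exec.  The
 * new image starts from scratch in the new domain.  Returns only on failure (-1, errno set). */
int exec_in_context(const char *ctx, char *const argv[]) {
    if (!context_is_well_formed(ctx) || !argv || !argv[0]) { errno = EINVAL; return -1; }
    if (!setexeccon) { errno = ENOSYS; return -1; }
    if (setexeccon(ctx) < 0) return -1;      /* policy / SELinux state decides */
    execve(argv[0], argv, environ);
    setexeccon(NULL);                        /* exec failed: drop the pending request */
    return -1;
}

/* Sample work item for run_bracketed: counts its invocations (used by the test). */
static int count_calls(void *arg) { ++*(int *)arg; return 0; }

/* Privilege bracketing via setcon(3): move this running process into `ctx`, run fn, move
 * back.  Policy must allow both dyntransitions, and the process itself must keep the two
 * contexts' state apart.  Returns fn's result, or -1 with errno set. */
int run_bracketed(const char *ctx, int (*fn)(void *), void *arg) {
    char *saved = NULL; int rc;
    if (!context_is_well_formed(ctx) || !fn) { errno = EINVAL; return -1; }
    if (!setcon || !getcon || !freecon) { errno = ENOSYS; return -1; }
    if (getcon(&saved) < 0) return -1;
    if (setcon(ctx) < 0) { freecon(saved); return -1; }
    rc = fn(arg);
    if (setcon(saved) < 0) { freecon(saved); return -1; }   /* could not leave ctx */
    freecon(saved);
    return rc;
}
```

Both helpers refuse before touching the kernel when the context string is malformed, and run_bracketed treats a failed switch back as fatal rather than continuing in the wrong domain.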