On Tue, 10 May 2005 19:12:01 -0400, Ivan Gyurdiev wrote:

> In any case, I have a very concrete, and small proposal here, not
> something in the distant future:

OK, it all seems sensible.

> 1) A common type is needed for downloads.
>
> 2) That common type can't be ROLE_home_t, for security purposes.
> It shouldn't be ROLE_mozilla_home_t, or something like that either,
> that's used for other stuff - it should be a new type, dedicated
> to downloads.
>
> 3) Once a common type is created, it can be used for various fun things,
> such as virus protection. Programs can be prevented from accessing
> content of this type in certain ways by the sysadmin....for example
> to prevent people from executing hostile content from the net.

Would it be OK to figure out a certain set of permissions that is OK for random untrusted software to use? For instance, Flash developers get a lot of mileage out of the ability to write fun games that operate entirely inside the Flash sandbox, which is pretty restrictive. It seems like there should be some level of control we can give programs so that humanity's innate urge to distribute electronic greetings cards can be satisfied securely :)

The thing I'm not really sure about is why preventing programs from accessing downloaded data files is useful. If you know you can overflow a program with malicious data, the only sure protection is to fix the app, right? It seems a bit different to viruses, which are actually programs.

thanks -mike