On Tuesday 15 November 2005 03:03, Michael Sweet <mike@xxxxxxxxxx> wrote: > > b) the functionality for modifying those files could be placed in a > > separate helper program executed by cupsd, so that we could run that > > helper in a separate domain from cupsd and not give the daemon direct > > access to rewriting the files, > > That would seriously impact performance and make the code a lot more > complicated. Given that cupsd owns and writes these files, adding > helper apps would have little practical benefit for CUPS 1.2. Is writing config files really a performance bottleneck? I imagine that for the majority of the run time of the daemon there are no changes being made to the configuration. > > Also, note that SELinux provides an API for application policy enforcers > > to support finer-grained controls over application abstractions, and > > this API is already being used by dbusd and nscd (and a patch exists for > > X, but isn't yet upstream). Hence, it might make sense to look into > > using that API from cupsd as well (when running on a SELinux-enabled > > system, of course, which you can detect at runtime). That allows you to > > then define SELinux policy over those operations in addition to your > > existing checks. > > I'm not sure that really buys us anything - we already have a system > in place that can be used on all systems and provides remote access > policies above an beyond the UNIX accounts on the system. You may (and often will) have multiple programs running with the same Unix UID but different SE Linux security context. To handle this situation correctly it is often necessary to have SE Linux support in applications. For example if we have a printer in a public area and a printer in a secure area we want to make sure that documents printed at a high MLS sensitivity level can only go to the printer in the secure area. Implementing this requires that the CUPS server know about SE Linux access controls. I believe that code is already being written to implement such functionality. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
