Re: /sbin/restorecon and hard links

On Wed, 2006-02-15 at 14:19 +0100, Erik Sjölund wrote:
> [root@e /]# cat /etc/redhat-release
> Fedora Core release 4 (Stentz)
> [root@e /]# adduser erik
> [root@e /]# su - erik
> [erik@e ~]$ ln /etc/passwd .
> [erik@e ~]$ exit
> [root@e /]#  ls -lZ /etc/passwd
> -rw-r--r--  root     root   system_u:object_r:etc_t          /etc/passwd
> [root@e /]# restorecon -R /home
> [root@e /]# ls -lZ /etc/passwd
> -rw-r--r--  root     root   user_u:object_r:user_home_t      /etc/passwd
> 
> Should it be like that?
> 
> /sbin/restorecon -R /home
> 
> might lead to strange security contexts for files belonging to root.

Yes, running restorecon on /home by root considered harmful,
particularly under targeted policy.  Under strict policy, a user can't
create hard links to system files (controlled by the 'link' permission),
which helps avoid the problem, and restorecon and setfiles aren't
allowed to follow untrustworthy symlinks by the policy.  setfiles also
contains code to check for multiple hard links with conflicting matches,
so if you run setfiles on /, it should complain about the discrepancy,
but restorecon doesn't do that and even if it did it naturally can't
tell that when it is just run on /home.

-- 
Stephen Smalley
National Security Agency
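
A pre-flight check for the situation in this thread, as an added example that is not part of the original message or of restorecon/setfiles: before relabeling a tree recursively, list the files in it that also have a name outside the tree, since relabeling them changes the context seen through the other path. It assumes GNU find and stat; the function name outside_links is hypothetical.

```shell
#!/bin/sh
# Added example: report files under TREE whose inode has more names
# (st_nlink) than can be found inside TREE. At least one name of such a
# file lives elsewhere on the filesystem, e.g. /etc/passwd linked into a
# home directory as in the transcript above.
# Assumption: file names contain no newlines.

outside_links() {
    tree=$1
    # -xdev: hard links cannot cross filesystems, and inode numbers are
    # only unique within one, so stay on the starting filesystem.
    find "$tree" -xdev -type f -links +1 -exec stat -c '%i %h' {} + |
    sort -u |
    while read -r inode nlink; do
        # Count how many names for this inode exist inside the tree.
        inside=$(find "$tree" -xdev -type f -inum "$inode" | wc -l)
        if [ "$inside" -lt "$nlink" ]; then
            # Some name is outside the tree: print one in-tree name.
            find "$tree" -xdev -type f -inum "$inode" | head -n 1
        fi
    done
}

# Stand-alone use: sh outside_links.sh /home
if [ $# -gt 0 ]; then
    outside_links "$1"
fi
```

Any path it prints can be inspected with ls -liZ and removed or excluded before running restorecon -R on the tree.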
