On Wed, 2006-02-15 at 09:01 -0500, Stephen Smalley wrote: > Yes, running restorecon on /home by root considered harmful, > particularly under targeted policy. Under strict policy, a user can't > create hard links to system files (controlled by the 'link' permission), > which helps avoid the problem, and restorecon and setfiles aren't > allowed to follow untrustworthy symlinks by the policy. setfiles also > contains code to check for multiple hard links with conflicting matches, > so if you run setfiles on /, it should complain about the discrepancy, > but restorecon doesn't do that and even if it did it naturally can't > tell that when it is just run on /home. BTW, it is important to remember here that targeted policy doesn't try to confine users (just specific programs and daemons) and that relabeling /etc/passwd or other system files doesn't give the user any greater access since he is already unconfined as far as SELinux is concerned. -- Stephen Smalley National Security Agency -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
