with reference to: http://danwalsh.livejournal.com/10131.html
i am interested in how dan knows what an attacker can make use of the samba vulnerability to do by default, and what the attacker cannot do. More generally speaking, how do we look at a service or application in a SELinux system, and finding out what the attacker can do and cannot do in the case of the service being exploited?
in that page, he looked at some of the relevant booleans and i guess "samba_enable_home_dirs ---> off" prevents the attacker to read/manipulate the user's home directories. But what about the rest? What other things can an end user (who is not very experienced in SELinux) examine to know what the attacker can / cannot do?
thank you
-- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
