---------- Forwarded message ----------
From: Xavier Toth <txtoth@xxxxxxxxx>
Date: Wed, May 12, 2010 at 10:38 AM
Subject: Re: talking to mcstrans in MLS enforcing on rhel6 beta
To: Stephen Smalley <sds@xxxxxxxxxxxxx>

On Tue, May 11, 2010 at 4:13 PM, Stephen Smalley <sds@xxxxxxxxxxxxx> wrote:
> On Tue, 2010-05-11 at 11:10 -0500, Xavier Toth wrote:
>> I'm a bit confused about something. mcstransd creates a socket and
>> through a transition rule it gets labeled setrans_var_run_t (this is
>> also the type used with mls_trusted_object in the setrans policy);
>> however, when other apps try and connect to it the target context type
>> is setrans_t, which of course isn't trusted, so no one can connect. As
>> an experiment I added setrans_t as an MLS trusted object and then other
>> apps could connect. Not sure where the target context comes from on
>> connectto because the socket file is labeled setrans_var_run_t on the
>> disk. Something needs fixing, just not sure what. Doesn't seem right to
>> add 'mls_trusted_object(setrans_t)'.
>
> When you create and bind a Unix domain socket in the file system
> namespace (as opposed to the abstract namespace), there are two objects:
> the socket itself (created upon the socket call, labeled with the label
> of the creating process), and the file (created upon the bind call,
> labeled in accordance with the usual file labeling behavior).
> Connecting to such a socket requires both write access to the file and
> connectto permission to the socket. So connectto is a socket-to-socket
> (which looks like process-to-process since sockets are labeled based on
> creating process and act as proxies/queues between processes) check.
>
> --
> Stephen Smalley
> National Security Agency
>

So mls_trusted_object(setrans_t) needs to be added.

--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
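A minimal local policy module, added here as an illustration and not taken from the thread or from the setrans policy, spelling out the two checks Stephen describes for a hypothetical client domain myclient_t: write on the socket file (carrying the file label) and connectto on the socket (carrying the daemon's process label), with the change Xavier concludes is needed on the last line. The client domain, the module name and the directory search permission are assumptions.

```selinux
# Added example: hypothetical local module, not part of the setrans policy.
policy_module(myclient_setrans, 1.0)

gen_require(`
	type setrans_t, setrans_var_run_t;
')

# Hypothetical client domain that connects to mcstransd.
type myclient_t;

# Object 1: the socket file created by bind(), labeled setrans_var_run_t
# through the file transition in the setrans policy. Connecting needs
# write on this file (and search on its directory, assumed here).
allow myclient_t setrans_var_run_t:sock_file write;

# Object 2: the listening socket created by socket(), which carries the
# label of the creating process, setrans_t. This is the socket-to-socket
# connectto check that looks process-to-process in the AVC denial.
allow myclient_t setrans_t:unix_stream_socket connectto;

# Marks setrans_t as an MLS trusted object so the connectto check is not
# blocked by the MLS level constraints; this is the change the thread ends on.
mls_trusted_object(setrans_t)
```

Loading this module only grants myclient_t the type-enforcement side; under MLS the connectto still fails until the mls_trusted_object line (or an equivalent change in the setrans policy itself) is in place.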