Re: New Blog on how SELinux blocked Docker container escape.

Tracy Reed <treed@xxxxxxxxxxxxxxx>:

> On Fri, Jan 13, 2017 at 11:48:20AM PST, Daniel J Walsh spake thusly:
>> http://rhelblog.redhat.com/2017/01/13/docker-0-day-stopped-cold-by-selinux/
>
> I have long been of the opinion that it is this sort of thing which best
> advocates the use of SELinux. We need more examples like this.

The threats are obvious to anyone by now. What SELinux needs is a clear
methodology. For example, this is *not* a methodology:

   <URL: https://wiki.gentoo.org/wiki/SELinux/Tutorials/Creating_your_own_policy_module_file>


As a software developer, what am I expected to do wrt SELinux? Should I
ship my product with an SELinux policy module? Or should I simply make
it SELinux agnostic and supply information for the sysadmin so they can
add a policy module for my product? If so, what information should I
provide?

As a sysadmin, should I accept RedHat's policy collection or come up
with my own? If I need another boolean not supplied by RedHat, what am I
to do? How do I make sure my policy is sound? How do I find out what
legitimate access I need to permit for a random service apart from
monitoring the audit log?

It's much easier to understand sandboxes, namespaces, containers,
virtual machines and such. What happens in Vegas stays in Vegas.

Take Daniel Walsh's link above. I didn't get any smarter reading it.
Look at <URL: https://bugzilla.redhat.com/show_bug.cgi?id=1409531#c8>:

   The proposed exploit scenario [...] is *not* possible under the
   default SELinux configuration.

Would it be possible under an SELinux configuration defined by me?


Marko
_______________________________________________
selinux mailing list -- selinux@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to selinux-leave@xxxxxxxxxxxxxxxxxxxxxxx
