Re: [PATCH cron 2/2] user_crontab_t etc

On 1/7/19 10:38 PM, Russell Coker wrote:
> On Tuesday, 8 January 2019 10:47:27 AM AEDT Chris PeBenito wrote:
>> On 1/6/19 10:10 PM, Russell Coker wrote:
>>> This patch adds a $1_crontab_t domain and makes it a compile option for
>>
>> What is the goal for reintroducing a crontab domain per-user-domain?
>
> To make it more difficult for a user from one domain to take over access to
> another domain via cron.
>
> The context of the crontab program determines the type of the cron spool file
> which then determines the permitted context of the cron job.
>
>>> having a $1_cronjob_t domain.
>>>
>>> I anticipate that even if this patch is accepted later on there will be
>>> some changes required.  Please review this not for inclusion immediately
>>> but for changes necessary.  However the previous patch is good to go if
>>> you like the concept.
>>
>> I'm not keen on this.  The current policy is intended to make it easy to
>> decide if you want to use a *_cronjob_t domain or simply transition to
>> the user's domain by tweaking the default_contexts.
>
> Which means that everyone who doesn't have a need for *_cronjob_t domains gets
> all the extra policy.

Since most people don't know how to recompile the distro policy, they're going to be stuck with whichever way it is compiled by the distro. I think the way that it is currently implemented is a fair tradeoff for the vast majority of users.

--
Chris PeBenito


