On Sunday, 13 January 2019 6:28:35 AM AEDT Chris PeBenito wrote:
> > Index: refpolicy-2.20180701/policy/modules/system/systemd.te
> > ===================================================================
> > --- refpolicy-2.20180701.orig/policy/modules/system/systemd.te
> > +++ refpolicy-2.20180701/policy/modules/system/systemd.te
> > @@ -337,6 +337,10 @@ optional_policy(`
> >  	networkmanager_dbus_chat(systemd_hostnamed_t)
> >  ')
> > 
> > +optional_policy(`
> > +	unconfined_dbus_send(systemd_hostnamed_t)
> > +')
> 
> This comment:
> 
> https://github.com/SELinuxProject/refpolicy/issues/18#issuecomment-452316615
> 
> makes me rethink all dbus sends to unconfined domains, especially
> unconfined_t. This here isn't all confined domains, but I want more
> consideration for the perm.

That comment is about allowing all domains to send to unconfined_t. Allowing
specific domains like systemd_hostnamed_t to send to unconfined_t doesn't seem
like a problem. It doesn't seem likely that an attack via dbus would start
with a systemd domain, especially not one like systemd_hostnamed_t.

-- 
My Main Blog http://etbe.coker.com.au/
My Documents Blog http://doc.coker.com.au/
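Review bot: the added optional_policy block grants unconfined_dbus_send(systemd_hostnamed_t) without recording which message flow needs it; a short comment above the block, or the denial it resolves in the commit message, would justify the permission and let reviewers judge whether a narrower target than every unconfined domain would do. Note also that the new block sits beside the existing networkmanager_dbus_chat(systemd_hostnamed_t) grant, so a reader comparing the two will want to know why the send-only interface was chosen here rather than a chat interface in the other direction.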