--- David Howells <dhowells@xxxxxxxxxx> wrote: > Casey Schaufler <casey@xxxxxxxxxxxxxxxx> wrote: > > > What sort of authorization are you thinking of? I would expect > > that to have been done by cachefileselinuxcontext (or > > cachefilesspiffylsmcontext) up in userspace. If you're going to > > rely on userspace applications for policy enforcement they need > > to be good enough to count on after all. > > It can't be done in userspace, otherwise someone using the cachefilesd > interface can pass an arbitrary context up. Yes, but I would expect that interface to be protected (owned by root, mode 0400). If /dev/cachefiles has to be publicly accessable make it a privileged ioctl. > The security context has to be > passed across the file descriptor attached to /dev/cachefiles along with the > other configuration parameters as a text string. I got that. > This fd selects the > particular cache context that a particular instance of a running daemon is > using. Yes, but forgive me being slow, I don't see the problem. Casey Schaufler casey@xxxxxxxxxxxxxxxx -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
