On Thu, 2008-03-27 at 18:52 +0900, KaiGai Kohei wrote:
> Christopher J. PeBenito wrote:
> > On Tue, 2008-03-25 at 19:35 +0900, KaiGai Kohei wrote:
> >> Christopher J. PeBenito wrote:
> >>> I finally realized what the problem with the type_transitions is. You have
> >>> many of them to set up the default type for tables, procedures, blobs,
> >>> etc. Shouldn't the default labels just be settings in a config file?
> >>> Then all of the complex type transitioning behavior isn't needed.
> >> I dislike this option.
> >> It can make it harder to find out the cause of trouble that comes from labeling behavior
> >> if end users put in an incorrect configuration. Especially, I don't want to require
> >> database folks to do additional configuration, because they are not SELinux specialists.
> >> It can be configured in the security policy simply enough, so the default behavior
> >> should also be described there.
> >
> > I think I was a little unclear. I'm suggesting they go in a file
> > like /etc/selinux/refpolicy/contexts/postgresql_contexts, not in a
> > primary config file for postgresql.
>
> Yes, I have the same implementation image as you suggested.
>
> However, I don't want to add this kind of stuff, although it can be described
> within the security policy, because it provides us uncertainties on SE-PostgreSQL
> behavior. It shall make it harder to find out the cause of trouble that came from the
> labeling matter, as I said before.

I'm not very compelled by this argument because it's well understood that
these *_contexts files should match the policy, otherwise you get unknown
behavior.

> Do you consider they are really complex type_transition rules now?
> They are not conditional, not set operations.

Sounds like they are ok, but I'd have to see the policy to make sure.

--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
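As an added illustration (not from this thread and not the SE-PostgreSQL policy itself), this is the shape of the per-object-class type_transition rules being debated, in kernel policy syntax; the domain and type names (sepgsql_user_t, sepgsql_db_t, sepgsql_table_t, sepgsql_proc_exec_t, sepgsql_blob_t, sepgsql_ro_table_t) are assumptions chosen for the example.

```selinux
# Default-labeling rules for database objects, written as plain kernel
# policy statements. The object classes db_table, db_procedure and db_blob
# are the SE-PostgreSQL classes the thread refers to; the type and domain
# names are assumed for this example.

# Unconditional rules: when domain sepgsql_user_t creates an object of the
# given class inside a sepgsql_db_t database, the new object gets the
# listed default type. No booleans, no attribute set operations, one
# rule per object class, which is what "not conditional, not set
# operations" means above.
type_transition sepgsql_user_t sepgsql_db_t:db_table     sepgsql_table_t;
type_transition sepgsql_user_t sepgsql_db_t:db_procedure sepgsql_proc_exec_t;
type_transition sepgsql_user_t sepgsql_db_t:db_blob      sepgsql_blob_t;

# Keeping the defaults in policy means a mismatch is caught when the
# policy is built, not when a table is created: adding a second rule for
# the same source, target and class with a different result type, e.g.
#   type_transition sepgsql_user_t sepgsql_db_t:db_table sepgsql_ro_table_t;
# makes checkpolicy reject the module with a conflicting type rules error.
# A default kept in a separate *_contexts file that disagrees with these
# rules has no such compile-time check and only shows up as unexpected
# labels at run time, which is the uncertainty the thread is weighing.
```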