Re: user guide draft: "Targeted Policy" review


 



Daniel J Walsh wrote:
Murray McAllister wrote:
Stephen Smalley wrote:
On Wed, 2008-09-03 at 17:41 +1000, Murray McAllister wrote:

When a confined subject is compromised by an attacker, depending on
SELinux policy configuration, the attacker's access to resources and
the possible damage they can do is limited.

If a confined ...

Changed.

Unconfined Subjects

Unconfined subjects run in the unconfined_t domain type. This means
that SELinux policy rules do not apply, and only DAC permissions are
used.
Only unconfined login users run as unconfined_t; init programs run in
the unconfined domain initrc_t; unconfined inetd processes run in the
inetd_child_t domain. Unconfined kernel processes run in kernel_t.
There are about 20 unconfined domains in Fedora 10.

How about:

Unconfined subjects run in unconfined domains. For example, init programs run in the unconfined initrc_t domain, unconfined kernel subjects run in the kernel_t domain, and unconfined Linux users run in the unconfined_t domain. For unconfined subjects, SELinux policy rules are applied, but policy rules exist that allow subjects running in unconfined domains almost all access. Subjects running in unconfined domains almost always fall back to using DAC rules exclusively. If an unconfined subject is compromised, SELinux does not prevent the attacker from gaining access to system resources and data, but of course, DAC rules are still used. SELinux is a security enhancement above DAC rules - it does not replace them.
