-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Joshua Brindle wrote:
> Daniel J Walsh wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Policy should label /root with one label and this should not be effected
>> by the passwd database.
>>
>> In Fedora policy we label this as admin_home_t. Having this label vary
>> depending on policy ends up with lines like
>>
>> dontaudit * user_home_t:dir search_dir_perms
>> dontaudit * admin_home_t:dir search_dir_perms
>> dontaudit * sysadmin_home_t:dir search_dir_perms
>> dontaudit * staff_home_t:dir search_dir_perms
>>
>> Labeling this directory as user_home_t, opens the system to possible
>> security risks since some domains have to be able to write to
>> user_home_t when they would never be allowed to write to admin_home_t.
>
> The comment right above the added lines seems to indicate that was
> suppose to be root before, why is / excluded? Are we going to start a
> huge whitelist for genhomedircon?
>
> if (strcmp(pwent->pw_dir, "/") == 0) {
> /* don't relabel / genhomdircon checked to see
> if root
> * was the user and if so, set his home
> directory to
> * /root */
> continue;
> }
No just /root
/root should not be labeled based on genhomedircon.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iEYEARECAAYFAkmbHrcACgkQrlYvE4MpobMOIACgi1w9HmZUACVvhyoJEgivYWQH
WFgAn3WU11TDfFIx4wld0IKDbMYOe2Ks
=C4WY
-----END PGP SIGNATURE-----
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
