On 06/18/2010 03:34 PM, Daniel J Walsh wrote:
http://0pointer.de/blog/projects/systemd.html
This has interesting ramifications for SELinux. I have a working version
of this in Fedora 14, but we need to add rules like
allow sshd_t init_t:tcp_socket { getopt ioctl getattr setopt };
Since systemd will be doing the listening and passing the socket to sshd.
Could we have risks of sshd_t grabbing the tcp_socket connected to httpd_t?
In this scenario we are no longer protecting against the name_bind, and
are forced to put more trust into init_t.
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx
with
the words "unsubscribe selinux" without quotes as the message.
From rudimentary testing we would have to add
ifdef(`init_systemd', `
allow daemon init_t:socket_class_set { getopt ioctl getattr setopt };
')
Which seems to allow sshd_t to work.
I guess we could make it more secure by locking this down based on the
name_bind macros but we also want to handle things like cups which
listen on a unix domain socket.
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
