On Fri, 2011-09-23 at 11:07 -0400, Stephen Smalley wrote: > On Fri, 2011-09-23 at 11:01 -0400, Daniel J Walsh wrote: > > >>>>> Currently if I create a directory labeled > > >>>>> > > >>>>> etc_t:s0:c1 > > >>>>> > > >>>>> And with a process running as unconfined_t:s0-s0:c0.c1023 > > >>>>> create a file within the directory, the file gets created > > >>>>> with the label etc_t:s0. I would like to change the > > >>>>> behavior to creating the file as etc_t:s0:c1. > > >>>>> > > >>>>> That way an administrator could modify files within a > > >>>>> sandbox and have the files be labeled correctly. > > >>>>> > > >>>>> I believe this behavior differs from MLS but believe this > > >>>>> would be what the admin expects. > > >>>>> > > >>>>> Is changing this a kernel or policy issue? > > >>>> > > >>>> That would be a kernel change, and it would have to be > > >>>> configurable so that it can differ for MLS vs MCS. > > >>>> > > >>> It would seem that we should be able to state the behaviour in > > >>> policy. [cut] > Need to distinguish low vs high. In MLS, you want to inherit the low > level of the source/subject/process. > > Also, do you want the MCS behavior for all types or selectively? For > example, if a svirt_t:s0:c256,c387 process creates a file in a :s0 > directory (is that even possible?), do you really want that file to > be :s0? My opinion is: yes/NO. So in other words, my opinion is that a categorized process should always been allowed to write to an uncategorized directory. And then that the default label for anything created by a categorized process, should definitely be categorized. However, there is an issue. For example, a given SELinux user might have access to more than one category. What would be the default category for labeling files produced by that user ? Regards, Guido -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
