2012/5/1 Christopher J. PeBenito <cpebenito@xxxxxxxxxx>:
> On 03/25/12 17:15, Kohei KaiGai wrote:
>> This patch adds special-case handling on creation of the temporary
>> schema, "pg_temp". The temporary schema shall be labeled
>> "sepgsql_temp_schema" by default, and the underlying objects are then
>> also labeled as temporary objects; that allows confined users
>> to create, drop, and so on, even if sepgsql_enable_users_ddl is off.
>>
>> In PostgreSQL, all temporary objects are deployed in the "pg_temp"
>> schema, and they shall be removed at session end.
>> Thus, there is no possibility of leaking any other entities via references to
>> the shared database objects, and no need to prevent creation or
>> deletion of temporary objects by confined domains.
> [...]
>
>> diff --git a/policy/modules/services/postgresql.te
>> b/policy/modules/services/postgresql.te
>> index add0cd6..8a3c2bd 100644
>> --- a/policy/modules/services/postgresql.te
>> +++ b/policy/modules/services/postgresql.te
>> @@ -164,6 +164,22 @@ optional_policy(`
>> 	mls_process_set_level(sepgsql_ranged_proc_t)
>> ')
>>
>> +# Types for temporary objects
>> +type sepgsql_temp_schema_t;
>> +postgresql_schema_object(sepgsql_temp_schema_t)
>> +
>> +type sepgsql_temp_table_t;
>> +postgresql_table_object(sepgsql_temp_table_t)
>> +
>> +type sepgsql_temp_seq_t;
>> +postgresql_table_object(sepgsql_temp_seq_t)
>> +
>> +type sepgsql_temp_view_t;
>> +postgresql_view_object(sepgsql_temp_view_t)
>> +
>> +type sepgsql_temp_proc_exec_t;
>> +postgresql_procedure_object(sepgsql_temp_proc_exec_t)
>
> Why do you have a temp type for each of the object classes?
> I don't see it gaining anything in the policy, and it would be simpler to have a single type.
>
I agree with your opinion. See the attached patch.

It defines sepgsql_temp_object_t for all the temporary objects being
constructed in the "pg_temp" schema. The temporary schema itself shall
also be labeled "sepgsql_temp_object_t", to avoid an increasing number of
unnecessary type_transition rules for each underlying object class.

Thanks,
--
KaiGai Kohei <kaigai@xxxxxxxxxxxx>
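Review bot: in the hunk, sepgsql_temp_seq_t is declared through postgresql_table_object(), the same interface used two lines earlier for sepgsql_temp_table_t, while the view and procedure types are declared through their class-specific interfaces (postgresql_view_object, postgresql_procedure_object). If the policy provides a sequence-specific declaration interface, use it for sepgsql_temp_seq_t so the sequence type receives the attributes and rules meant for sequences rather than those meant for tables; if declaring it as a table object is intentional, say so next to the "# Types for temporary objects" comment. That comment should also state why these types exist (objects in "pg_temp" that confined domains may create and drop even with sepgsql_enable_users_ddl off, per the commit message), since nothing in the hunk itself explains the purpose of the new types.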
Attachment: refpolicy-sepgsql-3of4-temp-database-objects.20120502.patch (binary data)
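As an added example, not part of the thread or of the attached patch, the following SQL can be run in a psql session to check what labels sepgsql actually records for the objects in the session's own pg_temp schema once a policy along these lines is loaded. It assumes PostgreSQL 9.1 or later with the sepgsql module loaded, which stores per-object labels in pg_seclabel under the provider name selinux; the object names scratch, scratch_seq, scratch_v and scratch_next are constructed for the example.

```sql
-- Added example (not from the thread or the refpolicy patch).
-- Assumes PostgreSQL 9.1+ with sepgsql loaded (shared_preload_libraries = 'sepgsql'),
-- so that per-object labels are recorded in pg_seclabel under provider 'selinux'.
-- Everything created here lives in the session's pg_temp schema and disappears
-- when the session ends, which is the property the thread relies on.

CREATE TEMP TABLE scratch (id int, note text);
CREATE TEMP SEQUENCE scratch_seq;
CREATE TEMP VIEW scratch_v AS SELECT id FROM scratch;
-- There is no CREATE TEMP FUNCTION, but a function may be created directly in pg_temp.
CREATE FUNCTION pg_temp.scratch_next() RETURNS bigint
    LANGUAGE sql AS $$ SELECT nextval('scratch_seq') $$;

-- One row per temporary object (the schema itself, each relation, the function)
-- together with the sepgsql label recorded for it. pg_my_temp_schema() returns
-- the OID of this session's pg_temp_N schema (0 if none exists yet).
WITH temp_objects AS (
    SELECT 'pg_namespace'::regclass AS classoid, n.oid AS objoid,
           'schema'::text AS kind, n.nspname::text AS name
      FROM pg_namespace n
     WHERE n.oid = pg_my_temp_schema()
    UNION ALL
    SELECT 'pg_class'::regclass, c.oid,
           CASE c.relkind WHEN 'r' THEN 'table'
                          WHEN 'S' THEN 'sequence'
                          WHEN 'v' THEN 'view'
                          ELSE c.relkind::text END,
           c.relname::text
      FROM pg_class c
     WHERE c.relnamespace = pg_my_temp_schema()
    UNION ALL
    SELECT 'pg_proc'::regclass, p.oid, 'procedure', p.proname::text
      FROM pg_proc p
     WHERE p.pronamespace = pg_my_temp_schema()
)
SELECT t.kind, t.name, l.label
  FROM temp_objects t
  LEFT JOIN pg_seclabel l
         ON l.classoid = t.classoid
        AND l.objoid   = t.objoid
        AND l.objsubid = 0
        AND l.provider = 'selinux'
 ORDER BY t.kind, t.name;
```

Under the single-type design KaiGai describes, every row, the schema row included, should report the same type component in its label; a NULL label means no sepgsql label row was recorded for that object at all, and a mix of per-class types across the rows would show the earlier five-type layout still in effect. Reconnecting and running only the SELECT again confirms that the objects are gone with the session.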