On 06/10/2013 10:15 AM, Franck wrote:
Hello, I'm trying to see if the following scenario is something that can be dealt with by SELinux. I have a daemon that starts multiple identical processes (let's call them "agent", and let's say we have 2 of them, but we could as well have 256). Those processes are there so remote clients can start other processes. I want those processes to be able to read from one location (the binaries of what they are running) but also to read/write in some specific directories. Of course, agent A and agent B should not be able to interact with each other directly (they could using some TCP/HTTP protocol) or read/write files that are not theirs. I was thinking of transitioning from the agent domain to the client application domain using a transient domain that would be automatically generated and unique, but did not see anything like that.
You could assign a unique category set to each client application rather than changing domains; that would allow you to separate them from each other without having to define a unique domain for each of them. A similar approach has been used in various systems, e.g. the SELinux sandbox, SVirt (libvirt), SE for Android, OpenShift.
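The category-per-client approach suggested in the reply, modelled as an added example (not code from this thread or from any of the projects it names): each client application gets a unique pair of MCS categories, and access is decided by whether the process's category set contains the object's. The type names `agent_app_t` and `agent_data_t`, the pair-of-categories scheme and the c0..c1023 range are assumptions made for illustration.

```python
import random

MAX_CATEGORY = 1024  # assumption: the policy defines categories c0..c1023


class CategoryAllocator:
    """Hands out a unique pair of categories per client application."""

    def __init__(self, rng=None):
        self._rng = rng or random.SystemRandom()
        self._in_use = set()

    def allocate(self):
        if len(self._in_use) >= MAX_CATEGORY * (MAX_CATEGORY - 1) // 2:
            raise RuntimeError("no free category pairs")
        while True:
            # Fixed-size pairs: two different pairs can never contain each other.
            pair = frozenset(self._rng.sample(range(MAX_CATEGORY), 2))
            if pair not in self._in_use:
                self._in_use.add(pair)
                return pair

    def release(self, pair):
        self._in_use.discard(pair)


def level(categories):
    """Render an MCS level such as 's0:c12,c731' (plain 's0' if empty)."""
    if not categories:
        return "s0"
    return "s0:" + ",".join(f"c{c}" for c in sorted(categories))


def context(user, role, type_, categories):
    return f"{user}:{role}:{type_}:{level(categories)}"


def mcs_allows(process_cats, object_cats):
    """Category check only: type enforcement rules must also allow the access."""
    return set(object_cats) <= set(process_cats)


if __name__ == "__main__":
    alloc = CategoryAllocator()
    a, b = alloc.allocate(), alloc.allocate()
    print("agent A process:", context("system_u", "system_r", "agent_app_t", a))
    print("agent A files:  ", context("system_u", "object_r", "agent_data_t", a))
    print("A -> A's files:", mcs_allows(a, a))
    print("A -> B's files:", mcs_allows(a, b))
    print("A -> shared binaries at s0:", mcs_allows(a, ()))
```

All client applications share one domain and one data type; only the categories differ, so the shared binaries can stay at plain `s0` and remain readable by every agent.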