Consider the following rules:
attribute foo;
type asdf, foo;
type asdf2, foo;
allow asdf self:dir search;
neverallow foo { foo -self }:dir search;
This particular policy fails to compile with the following error:
libsepol.report_failure: neverallow on line XXX of XXX (or line XXX of
policy.conf) violated by allow asdf asdf:dir { search };
libsepol.check_assertions: 1 neverallow failures occurred
The intent of the neverallow rule is to prohibit cross domain access
to some resource, but allow access within the same domain. Something
like:
neverallow asdf { foo -asdf }:dir search;
neverallow asdf2 { foo -asdf2 }:dir search;
1) Is the behavior described above a bug or working as intended?
2) Is there a way to write a neverallow rule where the target uses
"-self", and if so, what does it mean?
--
Nick Kralevich | Android Security | nnk@xxxxxxxxxx | 650.214.4037
_______________________________________________
Selinux mailing list
Selinux@xxxxxxxxxxxxx
To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx.
To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
