On Mon, Jun 15, 2015 at 5:41 AM, Stephen Smalley <sds@xxxxxxxxxxxxx> wrote:
On 06/14/2015 01:33 AM, Dominick Grift wrote:
> On Wed, May 27, 2015 at 11:03:25AM -0400, Stephen Smalley wrote:
>> Remove unused permission definitions from SELinux.
>> Many of these were only ever used in pre-mainline
>> versions of SELinux, prior to Linux 2.6.0. Some of them
>> were used in the legacy network or compat_net=1 checks
>> that were disabled by default in Linux 2.6.18 and
>> fully removed in Linux 2.6.30.
>>
>> Permissions never used in mainline Linux:
>> file swapon
>
> I think that blk_file (fixed disk) swapon is actually used in my policy by fstools (i think swapon command)
It isn't checked anywhere in the SELinux kernel code, so it might be
defined in your policy but it has no meaning. The LSM hook and SELinux
hook function implementation that applied the check was never merged
into mainline.
Why was the LSM hook and SELinux hook function implementation for swapon never mainlined?
In particular, without some kind of swapon check, a process with CAP_SYS_ADMIN could take any readable-writeable file, call swapon on the file, force swapping, and gain read-write access to another process memory.
Can we try to get these patches mainlined again?
_______________________________________________
Selinux mailing list
Selinux@xxxxxxxxxxxxx
To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx.
To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
Nick Kralevich | Android Security | nnk@xxxxxxxxxx | 650.214.4037
_______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
