On Thu, 2006-05-04 at 10:19 -0400, Knoke, Jim (US SSA) wrote: > I've missed a lot of history....is there already an accepted design for > whether the user's home directory is created as multi-level or > polymorphic, if the user is allowed to run at multiple sensitivity > levels? How that setup would be changed if the user's clearance is later > changed? Whether a .rc file created in the home directory by an app can > be reused when the user starts the same app at a different sensitivity > level?
pam_namespace is intended to provide the mechanism for polyinstantiating user home directories into per-level directories and bind mounting the right instance when the user logs in. So you don't actually need to label the home directory with a particular MLS level when the user is added. pam_namespace has a way to populate a newly created per-level directory via a script, but you have to configure how you want that to work. Privileged applications also have the possibility of unmounting the instance and gaining access to other per-level directories if authorized by policy, e.g. to see a lower level file, but that doesn't apply to general applications. For that, you'd need a union directory-like mechanism to present a unified view of the per-level directories. -- Stephen Smalley National Security Agency -- redhat-lspp mailing list [email protected] https://www.redhat.com/mailman/listinfo/redhat-lspp
