I want to open up discussion of removal of the secadm_t policy and rolling it into sysadm_t and make auditadm_r match what Michael and Casey have defined. I don't see a lot of support for maintaining secadm and it adds complexity to both the description, administration and most importantly, my job. :^)

Comments!  I would like to remove this today.


Dan

-------- Original Message --------
Subject:        Re: Latest diffs in policy
Date:   Mon, 15 May 2006 15:15:30 -0700 (PDT)
From:   Casey Schaufler <[EMAIL PROTECTED]>
Reply-To:       [EMAIL PROTECTED]
To: Daniel J Walsh <[EMAIL PROTECTED]>, "Christopher J. PeBenito" <[EMAIL PROTECTED]>
CC:     SE Linux <[EMAIL PROTECTED]>



--- Daniel J Walsh <[EMAIL PROTECTED]> wrote:

> Required for LSPP.
> auditadm is not allowed to do
> anything but manage audit subsystem.

I am touching an LSPP certificate (CCEVS-VR-02-0020)
for a system that also allowed the auditor CAP_KILL
so that a process identified as threatening could
be terminated by the auditor.

> secadmin can only manage selinux stuff.

The aforementioned LSPP system does not support
a secadm role ...

> sysadmin can only do everything not done by auditadm and secadm.

... and allowed the sysadmin to perform
all security relevant functions, including
those related to user and program MAC and
capabilities.


If you want to say that this is how you've
chosen to meet the LSPP requirements, go ahead.
Your scheme is quite rational. It is not,
however, the LSPP requirement.


Casey Schaufler
[EMAIL PROTECTED]

--
redhat-lspp mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/redhat-lspp