Chad Hanson wrote:
Well, I'm not sure of the exact functionality desired in this question.
Usually there isn't a system setting for maximum login labels, but on a per
user basis such as part of the SELinux policy.
Maybe this is a future requirement, but when we move to destributing the
seusers file, you
could have a user be SystemLow-SystemHigh but a machine maxed out at
TopSecret. We
need to handle this.
For remote network logins, such as sshd, there is still some work that
should be done to log the user in at the level of the network connection,
instead of the default user label. This would enforce that the user couldn't
operate at a level higher than the network.
Is this close to what is being requested?
-Chad
-----Original Message-----
From: Daniel J Walsh [mailto:[EMAIL PROTECTED]
Sent: Friday, June 16, 2006 2:44 PM
To: redhat-lspp; Stephen Smalley; Chad Hanson
Subject: What is the preferered way of setting a machines maximum
sensitivity?
We need to be able to set the maximum login sensitivity on a
machine in
such a way that the login programs and
network aware applications enforce this. How do you go about
doing this?
Dan
--
redhat-lspp mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/redhat-lspp
