On Tue, 2006-10-31 at 09:23 -0500, Stephen Smalley wrote: > On Mon, 2006-10-30 at 15:16 -0500, James Antill wrote: > > On Mon, 2006-10-30 at 15:03 -0500, James Antill wrote: > > > On Fri, 2006-10-27 at 14:38 -0400, Stephen Smalley wrote: > > > > > > > Look at Darrel's patch for mcstransd to apply a permission check between > > > > the level of the caller and the level being translated for context > > > > translations. > > > > > > Thanks to much discussion with Dan and Stephen, I'm pretty sure I have > > > this correct now. > > > > > > Here is the reference policy part of the patches (libselinux came > > previously and PAM is next). > > In addition to the permission name, I'd have expected the rule (and the > check in the code) to always use the same type in both contexts, so the > rules could just be: > allow $1 self:context <permissionname>; > > Not allow $1 domain:context, which will yield many more rules without > any real justification.
I'm also unclear as to what you are checking - you seem to be putting this in authlogin, but I had expected this to be a check between two user contexts, identical in all respects except for the MLS ranges (one from seusers, one from the user-supplied input). -- Stephen Smalley National Security Agency -- redhat-lspp mailing list [email protected] https://www.redhat.com/mailman/listinfo/redhat-lspp
