Return-Path: <SRS0=IW6P=PY=vger.kernel.org=selinux-refpolicy-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-7.1 required=3.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,
	MENTIONS_GIT_HOSTING,SPF_PASS autolearn=ham autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id DD2D9C43387
	for <selinux-refpolicy@archiver.kernel.org>; Wed, 16 Jan 2019 23:19:41 +0000 (UTC)
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.kernel.org (Postfix) with ESMTP id 97F6920652
	for <selinux-refpolicy@archiver.kernel.org>; Wed, 16 Jan 2019 23:19:41 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=pass (1024-bit key) header.d=ieee.org header.i=@ieee.org header.b="WSpr7rch"
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727064AbfAPXTl (ORCPT
        <rfc822;selinux-refpolicy@archiver.kernel.org>);
        Wed, 16 Jan 2019 18:19:41 -0500
Received: from mail-qt1-f195.google.com ([209.85.160.195]:34330 "EHLO
        mail-qt1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1726976AbfAPXTl (ORCPT
        <rfc822;selinux-refpolicy@vger.kernel.org>);
        Wed, 16 Jan 2019 18:19:41 -0500
Received: by mail-qt1-f195.google.com with SMTP id r14so9382158qtp.1
        for <selinux-refpolicy@vger.kernel.org>; Wed, 16 Jan 2019 15:19:40 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=ieee.org; s=google;
        h=subject:to:cc:references:from:message-id:date:user-agent
         :mime-version:in-reply-to:content-language:content-transfer-encoding;
        bh=J52MdJID2b5sYuElwMHlfuw7Z8TXd8HsIdiSbc6bIYQ=;
        b=WSpr7rchtQD5sd7N262IbtIKy0jh3lQ5rOP/zViGOib+ks+7RcYD2xC1ZjCbsjVULb
         lXc3atJbhgCWK/ZQWDcZ8QnBHYcmTQorc9dCBozHX8WI+3pj41hS/KQRscY28pPGzw2H
         hrp1DS5zGGOIteiHLN/M4Eglz7ZFr86aQQfJM=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:subject:to:cc:references:from:message-id:date
         :user-agent:mime-version:in-reply-to:content-language
         :content-transfer-encoding;
        bh=J52MdJID2b5sYuElwMHlfuw7Z8TXd8HsIdiSbc6bIYQ=;
        b=n+lAFMOyXwGnDRD7NTX3n4cOYyma+niUeFjfAtX0V9nkt12BLOr6PiGBtxv+ATjBJx
         o/L9R4wz4bUE26FBv5m9WM0IR46msFMCLwtRtnK3TlSgSNHId9Vej3on0K8tDWpbUvlb
         IJWeDoVes4/phQy+hCADUeIlyy1BUX1cBdYqHyxFbG3tYdHLbydfdBPXz5HO0qKXJAvX
         u/SX/6nr8UBFuRRKzbr2LsVO5G5dqeGpmABd96HQaAZADcFkjycRvUH17fBR84vX2Lv0
         Aji6jI47rUoh89TrHNQfDaumbXN5v7nBgrvZJoL85+auHKCRZKZc28PZT20CabLf41LP
         hsZg==
X-Gm-Message-State: AJcUukeKEh/1u6oGad4gf155utOrN0CEDjqPnjyizmu0UvG5MlAzqIG3
        MfqUozHbrOPocoEdH9RfYTadTSuarOQ=
X-Google-Smtp-Source: ALg8bN7Gi9P4nvZMPv9ShRo407jtIl85lcNDrLMU9NZ20qyyUEyKF9MW3tz8PV6glWIkiNc4B/FqTQ==
X-Received: by 2002:ac8:75cc:: with SMTP id z12mr9045767qtq.249.1547680779670;
        Wed, 16 Jan 2019 15:19:39 -0800 (PST)
Received: from [192.168.1.190] (pool-108-15-23-247.bltmmd.fios.verizon.net. [108.15.23.247])
        by smtp.gmail.com with ESMTPSA id e4sm51577323qka.31.2019.01.16.15.19.39
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Wed, 16 Jan 2019 15:19:39 -0800 (PST)
Subject: Re: [PATCH] some little stuff
To:     Russell Coker <russell@coker.com.au>
Cc:     selinux-refpolicy@vger.kernel.org
References: <20190111103043.GA22910@xev>
 <4df64def-6cfe-af47-5c2a-dcdbf0d507e4@ieee.org> <2480376.JRpnWL4ehX@liv>
From:   Chris PeBenito <pebenito@ieee.org>
Message-ID: <34bdee18-433e-5e8e-088e-6c209d70fa37@ieee.org>
Date:   Wed, 16 Jan 2019 18:04:32 -0500
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101
 Thunderbird/60.3.0
MIME-Version: 1.0
In-Reply-To: <2480376.JRpnWL4ehX@liv>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Sender: selinux-refpolicy-owner@vger.kernel.org
Precedence: bulk
List-ID: <selinux-refpolicy.vger.kernel.org>
X-Mailing-List: selinux-refpolicy@vger.kernel.org

On 1/15/19 2:47 AM, Russell Coker wrote:
> On Sunday, 13 January 2019 6:28:35 AM AEDT Chris PeBenito wrote:
>>> Index: refpolicy-2.20180701/policy/modules/system/systemd.te
>>> ===================================================================
>>> --- refpolicy-2.20180701.orig/policy/modules/system/systemd.te
>>> +++ refpolicy-2.20180701/policy/modules/system/systemd.te
>>> @@ -337,6 +337,10 @@ optional_policy(`
>>> networkmanager_dbus_chat(systemd_hostnamed_t)
>>> ')
>>>
>>> +optional_policy(`
>>> +       unconfined_dbus_send(systemd_hostnamed_t)
>>> +')
>>
>> This comment:
>>
>> https://github.com/SELinuxProject/refpolicy/issues/18#issuecomment-452316615
>>
>> makes me rethink all dbus sends to unconfined domains, especially
>> unconfined_t.  This here isn't all confined domains, but I want more
>> consideration for the perm.
> 
> That comment is about allowing all domains to send to unconfined_t.  Allowing
> specific domains like systemd_hostnamed_t to send to unconfined_t doesn't seem
> like a problem.  It doesn't seem likely that an attack via dbus would start
> with a systemd domain, especially not one like systemd_hostnamed_t.

It's applicable to confined domains sending messages to unconfined 
domains.  What compounds my concern is that there is no similar access 
for confined users, so where is this coming from? (what's happening?)

-- 
Chris PeBenito