Received: by 2002:a25:c593:0:0:0:0:0 with SMTP id v141csp2274514ybe;
        Tue, 3 Sep 2019 10:20:53 -0700 (PDT)
X-Google-Smtp-Source: APXvYqxPw4LeXdCh1UQGjV2VObW7t1QHGxMPbLXQVUxDJTSk0/USG3zHxPfBzUjzIIM6wdQzJgoJ
X-Received: by 2002:aa7:8255:: with SMTP id e21mr2237103pfn.82.1567531253122;
        Tue, 03 Sep 2019 10:20:53 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1567531253; cv=none;
        d=google.com; s=arc-20160816;
        b=V51E237xhB76DpKBdUSKn3xHP0rX5RbxO2eRJ1UkvcFX3MnyGk9EqbMOct+XIEjBO6
         KkYLzfDi3pxhpaCwJXksn9h4pfVyFDgdKDUKPHCs5ESFYD9r4HZ7VFhBSKqByiK/MP0G
         wCx7/hiw8gi264tMykK4P2bMlXo+LEY+u+xfTpe+/Pk2g1dSi7eO9sCgWmFTZSpCCUyT
         pJHJU0dJkt1BIUGUmfZDaYVv/W8H5JkRtbANYH1IlsbBaY6ApJaKn7sy5L1RPogUww02
         zo2izwW4lgceWyBAoW1IykGtbZs56yG0TC8hu9K+T8lv9PgnQ/QsZuYUPcYEivQwojsY
         zNsg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:content-disposition
         :mime-version:mail-followup-to:message-id:subject:to:from:date
         :dkim-signature;
        bh=+cuObR6qt1c7Mte/4R6VlVN8r1OmkoJGuAvT5PLCR1E=;
        b=lNCWDZknWxy3f4Xl7OHVhCqn2lvNca/P6MH/d9Sx9HVojb3SN9CNDg0i7ndxWmkgOM
         aRhNGgblU31lxv2z3v8oO5KdhCKzF6RkPSwgBYtA70eZgTWdR0FP7rx51GsV9y9IHuRs
         iJxLxmbYwZqP07nbvWR26ZPNJibMRzYqskP04bTy4rbKSZsDp6ZnChffPEtG7x6lVPaH
         RCoPz664UUpzXBV3UuObhOg0gkLUHNvgbeNlxnB1GWXY03MsYy8bvg1Z40GwX5QTi1Z+
         O9P0jYUd6nhK40O2oAyLlVAyadi94OFiaEPL64lDZ2RcHR98NC6JyJwoe8ZdLODcyriX
         GhsQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=VyO12y3E;
       spf=pass (google.com: best guess record for domain of selinux-refpolicy-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=selinux-refpolicy-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Return-Path: <selinux-refpolicy-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id u6si17385409pfm.135.2019.09.03.10.20.50;
        Tue, 03 Sep 2019 10:20:53 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of selinux-refpolicy-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=VyO12y3E;
       spf=pass (google.com: best guess record for domain of selinux-refpolicy-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=selinux-refpolicy-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1729838AbfICRU0 (ORCPT <rfc822;linux.lists.archive@gmail.com>
        + 11 others); Tue, 3 Sep 2019 13:20:26 -0400
Received: from mail-ed1-f46.google.com ([209.85.208.46]:35685 "EHLO
        mail-ed1-f46.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1728854AbfICRU0 (ORCPT
        <rfc822;selinux-refpolicy@vger.kernel.org>);
        Tue, 3 Sep 2019 13:20:26 -0400
Received: by mail-ed1-f46.google.com with SMTP id t50so19273308edd.2
        for <selinux-refpolicy@vger.kernel.org>; Tue, 03 Sep 2019 10:20:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=date:from:to:subject:message-id:mail-followup-to:mime-version
         :content-disposition:user-agent;
        bh=+cuObR6qt1c7Mte/4R6VlVN8r1OmkoJGuAvT5PLCR1E=;
        b=VyO12y3Eh939U7q9vejuUY/YjmfHXVtJKTbnP/TQEbBcE9rAdromXoL4dNpczxrAVM
         scSGs9HICu57BYg0R/dT35AJl3ExdeLo+hF2jGmY7Xuu0tJfwbR/YeZCHA/bG4WQJf3w
         XeG0yU6Ufpzaqnpdh3BTOdWKsDy67rQxjl5yzswR1Pm0g/cYcftj/zHtLVnqg4pV/Yw0
         bqyOfe+Tc5tlermXRwF/ymSAUzmDy+7xS0E0xYIMFtfZtbafc++iloPeXjlqd1TMXj2E
         7cH/ckLwVNQT3lXzyJfXnUev39GyI6yFUdqVrYpc4TOPoVNq0jkygTFb9f/hDkqOEn6S
         AROQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:date:from:to:subject:message-id:mail-followup-to
         :mime-version:content-disposition:user-agent;
        bh=+cuObR6qt1c7Mte/4R6VlVN8r1OmkoJGuAvT5PLCR1E=;
        b=bu4NoMmdbuVZLqpRfgfjfM03aZCUxw3+rG8Pp8WL/FaAbSEB4uma/K37NhXErJGBjt
         b9ZH9AfoNt8Az6n/u97FtbKElusM8lHbwJKlsbdQ8pWhR4a4LkPgpwvUsx6maEPkKiKa
         yoOncj1L/68VyclYCJ5Os5CpmFgxcc/n0xun4889wcJY6ckQMCCmTsS+XYTD1O7DlKI9
         tqgQDJpmIO2gHOKyZgYVsnVMLj25etdLBw9DAues/UAunjwygnVI2Ba1JCNbEAVd3R9A
         +iVWZc/tJO2V7lTz/6SBcyhoLOsEVj9mWsd6/VfJUnSXX0uZHCi0xV0RJy4//yZmteBz
         LXfg==
X-Gm-Message-State: APjAAAUrI9wrhfEfFPtu9EiteL+/xSzbj5GZGtJl33jwFQAs/1FcEJCf
        69cRIa6wdma84I8a/piu/Fjc/Hl4
X-Received: by 2002:a17:906:63c9:: with SMTP id u9mr4088103ejk.117.1567531224457;
        Tue, 03 Sep 2019 10:20:24 -0700 (PDT)
Received: from brutus.lan (brutus.defensec.nl. [2001:985:d55d::438])
        by smtp.gmail.com with ESMTPSA id r18sm1523071edl.6.2019.09.03.10.20.23
        for <selinux-refpolicy@vger.kernel.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 03 Sep 2019 10:20:23 -0700 (PDT)
Date:   Tue, 3 Sep 2019 19:20:22 +0200
From:   Dominick Grift <dac.override@gmail.com>
To:     selinux-refpolicy@vger.kernel.org
Subject: Processes to target
Message-ID: <20190903172022.GA923044@brutus.lan>
Mail-Followup-To: selinux-refpolicy@vger.kernel.org
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
        protocol="application/pgp-signature"; boundary="opJtzjQTFsWo+cga"
Content-Disposition: inline
User-Agent: Every email client sucks, this one just sucks less.
X-PGP-Key: https://sks-keyservers.net/pks/lookup?op=get&search=0x3B6C5F1D2C7B6B02
Sender: selinux-refpolicy-owner@vger.kernel.org
Precedence: bulk
List-ID: <selinux-refpolicy.vger.kernel.org>
X-Mailing-List: selinux-refpolicy@vger.kernel.org


--opJtzjQTFsWo+cga
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Some processes that are part of the core os that one might want to target

dm blkdeactivate: init system domain that maintains a file in /tmp that mou=
nt wants to be able to read
logging augenrules: init system domain that maintainss content in /tmp
dracut-initramfs: init system domain that maintains /run/initramfs
systemd-shutdown: pid1 during shutdown


--=20
Key fingerprint =3D 5F4D 3CDB D3F8 3652 FBD8 02D5 3B6C 5F1D 2C7B 6B02
https://sks-keyservers.net/pks/lookup?op=3Dget&search=3D0x3B6C5F1D2C7B6B02
Dominick Grift

--opJtzjQTFsWo+cga
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQGzBAEBCAAdFiEEujmXliIBLFTc2Y4AJXSOVTf5R2kFAl1uoNEACgkQJXSOVTf5
R2kGvAv+LSkbBBWryEHaQ0HzjJgwDTkka/D8iTNHqOBXDIMvvjMKF5fPjS/6VoPX
8nXeIID98tjTyEuJ69Z42IW1NYKOjbXwsfq6h0ynMCROPS7x2ZVLCLhSzLqLJmbz
9x/GG6m6x2AzcG1GOIcTQc0AnGM3hOPwHJ7mSOqN46NftkZOSqFshBUAgjKRUpXN
Y8iKlfMvpLVn20+05bfqB+iZCiBxeiTUpNADf1wUP3MKYpnXt6SnzRt+Lw2QFBOC
917JuaAEMZnxDPetRlESawOp/NPMJhxcZtqlRWc1RxTVltoSCai/ilYv6V07ut5a
jp5xcxnZ0wpwTcWNA3/IEOilxU9xaec12/oYgvhyJJlZ4NjS4/tqIawvzb15ug4J
959XEZxqmX11M6ndusj0T6dKUnN2yNTbX4thDFsW6SQ7jFhzg16ZDqRDz+pg9hXM
wLmvTAXJhmzpr73qPAfbUaJi6lfh3dN1A6TfDQZjFeljKvboFTx7N/avod8z4EWO
fbWyfg+E
=DZ/n
-----END PGP SIGNATURE-----

--opJtzjQTFsWo+cga--