Received: by 2002:a25:31c3:0:0:0:0:0 with SMTP id x186csp5303737ybx;
        Sun, 10 Nov 2019 10:35:28 -0800 (PST)
X-Google-Smtp-Source: APXvYqwAaA7Kkuc6USJUkBKVwH0omdIo5aeN6MbLJWj2B+oA00AvoI7Qc9Lt95dUAr74IGEwCyCE
X-Received: by 2002:a17:906:27cc:: with SMTP id k12mr19146091ejc.181.1573410927952;
        Sun, 10 Nov 2019 10:35:27 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1573410927; cv=none;
        d=google.com; s=arc-20160816;
        b=ljk6WmBp8TenlEQmejH7QFw92KLfNdKQA/s06qVLozDFstJaA8yDNfKPOvV+4k0+8t
         mHfNXuLdG4MjE3Ync+RlvVhEIRIMwTZ9iQA4eE9MO43uKm8KDtydcx5EgaguOEk0RaBm
         yBEnfXqJnPXhjEbXrtD4zt+S/f1jhNnn4sDlXXOxA67xtFHUKwUjwMNEfH52mYE3Scyd
         kgxK2OI3KAP8H+mrnytSGF7h+9BGq2K5H9S6qw+akmLtmYt2C/okwAzG+CwRDqep1qqc
         h/rAyePfQbJ4hCNCHSVDbRGDhlogjmjCQlvUxIc8O+BewmPMUpGvN2iicm0GtDelx+e8
         ZQbw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:to:subject:message-id:date:from
         :mime-version;
        bh=PwV85DEiE7n5TvmfJz458cULYPr3x1rVVaUd1eGUILs=;
        b=f3vh1Ex6c2yqbsbxv1JZZ5l+4b5/PyFVt9OCatUmKgPtMum2rg9UtbrHcK6VnlXlLd
         dv36+ii4NXgg4saoU1ocOfNXoDHG+qtMMMZx0v9xAXCcjb+OID28xRqECQ9Q7E2BGCpE
         AdnhJZSySrBq+vRqxgS8oQ6P1MFtIs+YtjOlcGnudOrAbkJHYUo0vl9sXJSg31eXuICB
         RFCDiSdBoGB16dKFNrO59CYSdm6o1u0T/CmHA/D5XKa2g9bFqkyQj9En+DWIb9oTtKFa
         Np7ibsGjuXtPO2PwClxkKX5tb+GLFNyyQKJ5HT395In5971mUUaajKDyNDcd1Knlm6qk
         CEIQ==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of selinux-refpolicy-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=selinux-refpolicy-owner@vger.kernel.org
Return-Path: <selinux-refpolicy-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id h11si10140880edf.93.2019.11.10.10.35.21;
        Sun, 10 Nov 2019 10:35:27 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of selinux-refpolicy-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of selinux-refpolicy-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=selinux-refpolicy-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726965AbfKJSdA (ORCPT <rfc822;linux.lists.archive@gmail.com>
        + 11 others); Sun, 10 Nov 2019 13:33:00 -0500
Received: from mx1.polytechnique.org ([129.104.30.34]:55025 "EHLO
        mx1.polytechnique.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1726963AbfKJSdA (ORCPT
        <rfc822;selinux-refpolicy@vger.kernel.org>);
        Sun, 10 Nov 2019 13:33:00 -0500
Received: from mail-ot1-f45.google.com (mail-ot1-f45.google.com [209.85.210.45])
        (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
        (No client certificate requested)
        by ssl.polytechnique.org (Postfix) with ESMTPSA id 25B1C56489A
        for <selinux-refpolicy@vger.kernel.org>; Sun, 10 Nov 2019 19:32:56 +0100 (CET)
Received: by mail-ot1-f45.google.com with SMTP id n23so9448040otr.13
        for <selinux-refpolicy@vger.kernel.org>; Sun, 10 Nov 2019 10:32:56 -0800 (PST)
X-Gm-Message-State: APjAAAW84+kLBGxKq4ZiA50TEfSlAQrztkPhWYvNGP605rhSHjs7DGSw
        ev9E6Uv6l+gLsHDZCeLfJoJy/9P8vLn5a2qgx74=
X-Received: by 2002:a05:6830:1611:: with SMTP id g17mr18866143otr.29.1573410775147;
 Sun, 10 Nov 2019 10:32:55 -0800 (PST)
MIME-Version: 1.0
From:   Nicolas Iooss <nicolas.iooss@m4x.org>
Date:   Sun, 10 Nov 2019 19:32:43 +0100
X-Gmail-Original-Message-ID: <CAJfZ7=kwLVohyjoeTBx7Kmf=31qnubR1gTrJUbcZF+EB1Gbciw@mail.gmail.com>
Message-ID: <CAJfZ7=kwLVohyjoeTBx7Kmf=31qnubR1gTrJUbcZF+EB1Gbciw@mail.gmail.com>
Subject: Intent to add support for cryfs
To:     refpolicy <selinux-refpolicy@vger.kernel.org>
Content-Type: text/plain; charset="UTF-8"
X-AV-Checked: ClamAV using ClamSMTP at svoboda.polytechnique.org (Sun Nov 10 19:32:56 2019 +0100 (CET))
X-Spam-Flag: No, tests=bogofilter, spamicity=0.000013, queueID=8123556489D
X-Org-Mail: nicolas.iooss.2010@polytechnique.org
Sender: selinux-refpolicy-owner@vger.kernel.org
Precedence: bulk
List-ID: <selinux-refpolicy.vger.kernel.org>
X-Mailing-List: selinux-refpolicy@vger.kernel.org

Hello,
I am using CryFS (https://www.cryfs.org/) in order to encrypt some
files in a shared directory. Before writing a policy for this software
and upstreaming it to refpolicy, I am wondering how this should be
handled.

CryFS is a software that can be run by non-root users that have access
to /dev/fuse. Its command is directly used to mount a directory
("/usr/bin/cryfs basedir mountpoint"), like command "mount".
Unmounting a mountpoint is done with "fusermount -u mountpoint",
/usr/bin/fusermount being a setuid-root program labeled mount_exec_t.
Currently, sysadm_t cannot use CryFS because it is not allowed to open
and use /dev/fuse (ie. fuse_device_t). Moreover labeling CryFS as
mount_exec_t makes mount_t require more accesses (reading a
configuration file from the base directory, reading
/proc/sys/crypto/fips_enabled, using pipes, etc.).

Therefore I am thinking of creating a new policy module for cryfs,
which could be shared with other similar software like EncFS
(https://vgough.github.io/encfs/). Does this sound like something
acceptable? Did I miss an existing module that can be extended in
order to support CryFS?

Thanks,
Nicolas