Received: by 2002:a25:7ec1:0:0:0:0:0 with SMTP id z184csp353011ybc; Tue, 12 Nov 2019 02:31:01 -0800 (PST) X-Google-Smtp-Source: APXvYqxbAUKiYUBWrzho0VdiIFrx0nSautlDJkQEcSGf4GcPQr406zuwo/Y02oC1BO0Gnz5HtPCN X-Received: by 2002:a17:906:b30c:: with SMTP id n12mr26962043ejz.96.1573554661201; Tue, 12 Nov 2019 02:31:01 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1573554661; cv=none; d=google.com; s=arc-20160816; b=DcV3QESV7fzYExJp4hHt/5vx3JdH4QkVN7cyYpWhJiEbv2yeIsQkr5s1hV8+pz1uCU Nt7IBg4nJ7iESSnTtmuc3Ll7wqqPx/woSDBqPsm/auPJRTJEWT/Ug7WOCOIdjPL9vVZX bI4xYLnyqXJOtrc9uYm1BLrLtwyrVtlumJ8p/BHC0PbYM5PYCb0StRYTh/FknK0TPg1S rLByPwG9VvrMUv5vpgnd1/q1rUBsjf+K8vVNAdaZh7mYoXmrUP24dL+JRAU41y/b+gBb FO7K4GaXr84eq+Jt1vqQfw5IBP2fWbcwPrjkDxSQQzsPM15EImaUpFuqCT9aXvnq80+f jYpQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:mail-followup-to :message-id:subject:cc:to:from:date:dkim-signature; bh=4UX7S18l6gQ+KSYACjEPrjUEK5dk1SEQlZoSV8DdL3Q=; b=nOlI6k6xLRpWgOxoBlCB3kazzftACh2AGhNFaW1HOaf9jFuAy0TcUlizbkC0uCZXJM m9u8+kB+9kOfAPDFq0Cu4ZpG5V8pLfXkp+vg8BCK3BSmFTqTJzuG9X7e4hsEuTvpIouz W9yypZ06wqSrQGHPVm2qjdc57dKRrE5TzL2O0in/5yrHdRt2Z4UsxAO2mK07aK6m2UoR hyaeH9pmP+oG4oz/g6Op9iFF/pHoHCAiVZCGKbv+7BHIYTUyYmXoMNDulfuewdwDjWEH AGlDgtUxcgiT3dkAi0E9Hk3SlrvUOPN0xs5zRky/WE/yx/qlJDe3ySSXy5dcC4XR2wTQ Srog== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=AnhyGFZP; spf=pass (google.com: best guess record for domain of selinux-refpolicy-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=selinux-refpolicy-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id r12si16071562edi.272.2019.11.12.02.30.56; Tue, 12 Nov 2019 02:31:01 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of selinux-refpolicy-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=AnhyGFZP; spf=pass (google.com: best guess record for domain of selinux-refpolicy-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=selinux-refpolicy-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726376AbfKLK2s (ORCPT + 11 others); Tue, 12 Nov 2019 05:28:48 -0500 Received: from mail-wr1-f44.google.com ([209.85.221.44]:45878 "EHLO mail-wr1-f44.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725834AbfKLK2s (ORCPT ); Tue, 12 Nov 2019 05:28:48 -0500 Received: by mail-wr1-f44.google.com with SMTP id z10so12579190wrs.12 for ; Tue, 12 Nov 2019 02:28:46 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=date:from:to:cc:subject:message-id:mail-followup-to:references :mime-version:content-disposition:in-reply-to:user-agent; bh=4UX7S18l6gQ+KSYACjEPrjUEK5dk1SEQlZoSV8DdL3Q=; b=AnhyGFZP6dTtvjCsvyya8fnW0PpGCYeqCt48nnnAQolE1itmEeZPHYkpOIYtdUcn1L wOU1AAHKl1rDB0LILEzJDJKIXY/Pzue0Mq1eRpQ9Ax7gCG2DQRtzCTTU1848l4/eVhdU qLIHpJ90/dWffsb3JCLo23lMgCriU1w0UpO1z08iz09rwX3jF1eHsPIxcf/ajTqDrhsS 25sjbj9irf3AE9TvjACD7EcfDiImWTkZ7tO7D0fQPR/hoa2/WS0ZVgwzukAnpSNOybMR z95aquULDgepHic52XJOJt+py43+yHs/BK6xuW7h/WwfbyYlxAvZ7bbHsGvtP3Chc9Pl f6kw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id :mail-followup-to:references:mime-version:content-disposition :in-reply-to:user-agent; bh=4UX7S18l6gQ+KSYACjEPrjUEK5dk1SEQlZoSV8DdL3Q=; b=j7PvZghJoojCV4dmOkihlasxtyPJccxMZ9m5kURztbdc3GFxw3HThyXZIkizq1Q6PP DItZW6AjSt6ev5x5b/M35/XRdiXiWo6gtOofXyHsTf8qFZb0n+wIu6vfm9di8bZf6MQD 3me3Jf9/xsISIrYUwvYaPLem0CZ7bS6IM/tsWndN+95LEFdNlvnKqg24YSVD5CVHPmwU 2rx+x5MnhrIrn4LSQqhvniPJnLDkPn0sU9cevN7Gm4P7wSKF/gApKr3bGao0xtjNiPfN 3IpiekR03Gq8CdS2xmhFqYHnp55GCflUzT0pLX6lhA1YiAQuwU+KK2Gep/MgfoPqSeOQ WMGw== X-Gm-Message-State: APjAAAWF2rBJmYuk7QA3AGirEZd82WQgsW0yhHC1wll0MdBjIdBk0AI3 hiKoNYvTkqCZKPbDSu2Wg3E= X-Received: by 2002:adf:c449:: with SMTP id a9mr3778521wrg.240.1573554525905; Tue, 12 Nov 2019 02:28:45 -0800 (PST) Received: from brutus.lan (brutus.defensec.nl. [2001:985:d55d::438]) by smtp.gmail.com with ESMTPSA id u26sm2574027wmj.9.2019.11.12.02.28.44 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 12 Nov 2019 02:28:44 -0800 (PST) Date: Tue, 12 Nov 2019 11:28:42 +0100 From: Dominick Grift To: Nicolas Iooss Cc: refpolicy Subject: Re: Intent to add support for cryfs Message-ID: <20191112102842.GA2572684@brutus.lan> Mail-Followup-To: Nicolas Iooss , refpolicy References: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="xHFwDpU9dbj6ez1V" Content-Disposition: inline In-Reply-To: User-Agent: Every email client sucks, this one just sucks less. X-PGP-Key: https://sks-keyservers.net/pks/lookup?op=get&search=0x3B6C5F1D2C7B6B02 Sender: selinux-refpolicy-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: selinux-refpolicy@vger.kernel.org --xHFwDpU9dbj6ez1V Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Nov 10, 2019 at 07:32:43PM +0100, Nicolas Iooss wrote: > Hello, > I am using CryFS (https://www.cryfs.org/) in order to encrypt some > files in a shared directory. Before writing a policy for this software > and upstreaming it to refpolicy, I am wondering how this should be > handled. Sounds somewhat like gocryptfs. This is how i implemented policy for that: https://defensec.nl/gitweb/dssp2.git/blob/HEAD:/policy/applications/g/gocry= ptfs.cil >=20 > CryFS is a software that can be run by non-root users that have access > to /dev/fuse. Its command is directly used to mount a directory > ("/usr/bin/cryfs basedir mountpoint"), like command "mount". > Unmounting a mountpoint is done with "fusermount -u mountpoint", > /usr/bin/fusermount being a setuid-root program labeled mount_exec_t. > Currently, sysadm_t cannot use CryFS because it is not allowed to open > and use /dev/fuse (ie. fuse_device_t). Moreover labeling CryFS as > mount_exec_t makes mount_t require more accesses (reading a > configuration file from the base directory, reading > /proc/sys/crypto/fips_enabled, using pipes, etc.). >=20 > Therefore I am thinking of creating a new policy module for cryfs, > which could be shared with other similar software like EncFS > (https://vgough.github.io/encfs/). Does this sound like something > acceptable? Did I miss an existing module that can be extended in > order to support CryFS? >=20 > Thanks, > Nicolas >=20 --=20 Key fingerprint =3D 5F4D 3CDB D3F8 3652 FBD8 02D5 3B6C 5F1D 2C7B 6B02 https://sks-keyservers.net/pks/lookup?op=3Dget&search=3D0x3B6C5F1D2C7B6B02 Dominick Grift --xHFwDpU9dbj6ez1V Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQGzBAEBCAAdFiEEujmXliIBLFTc2Y4AJXSOVTf5R2kFAl3KiVYACgkQJXSOVTf5 R2kAlgv9HgNwap5KNTYEHRZwJD6sC1V14GbCOvBRxhvLfiadM3Ib/jVP7r23p2aU 2qyHSPpWOs0HCXKYWAd7p0gX5XnabqrJxOYWLyTKd9S/LIoIOlQpi87I81AW4ZoV vNE4c1j8bCx+bBnOIQmBjOILCywY5fTCyxYKNzp3Fv6zJn22K7E6da4u8ki0UkTH 9Sr5hSJo4HNgGBMNPP7RqBzH1perj35hMjIEc0F9wBO9LKqdGqB5RX5jSZ4PazI0 pGw+u5KZxsJkVMEG3AY782GcIqu8lJqu0fQd/F64810vA/WDWCYbZNbPnDoL2cTM wCom6jNPNnjy6PhFPN6IQ20rIV5rnhnGKD/lxUN5qSGWbNer5aIbDeNIBUbrNnsu zLTBRuoVK2e/YUg0zzIzHhW8Ix4zUaSZDLi8gZaXmsGqEPLeKvJRKhLagXcvfHrl yTBxzVJzZ8C8uuwYFQ0fjoOYcdTgWXTsq+h+eRfzFpWodGL6p0pdL7kW3lJcTxJG JcQQdhxz =5Bh4 -----END PGP SIGNATURE----- --xHFwDpU9dbj6ez1V--