From: bauen1
Cc: selinux-refpolicy@vger.kernel.org
References: <3243717.6S2XvbbdUs@liv> <578d7c7c-cb41-b224-2758-144aa9b5c1ad@ieee.org> <2469682.qIgoumM3a6@liv>
Subject: Re: Are we on the wrong track?
Date: Fri, 12 Jun 2020 16:03:39 +0200
In-Reply-To: <2469682.qIgoumM3a6@liv>
X-Mailing-List: selinux-refpolicy@vger.kernel.org

Hi,

I also agree with most things already said.

I would like to add that the way documentation is currently handled
involves too much copy + paste of almost meaningless descriptions, but I
haven't found a very good alternative either. (Maybe adding a type
attribute to the param XML and generating a summary based on that could
work in the most common cases.)

On 6/12/20 3:02 PM, Russell Coker wrote:
>>> Does staff_r even make sense when you could just use
>>> different MCS categories for different users?
>> Yes, as user_r cannot reach admin roles whereas staff_r can.
> The user identity has a permitted list of roles, you can have users who are
> permitted user_r and sysadm_r and users who are only permitted user_r. The
> original benefit of staff_r was to protect staff from attacks by user_r
> accounts, but we can do that protection with the identity based constraints.

I would propose replacing user-based constraints with role-based
constraints. The user part of the context (normally) doesn't change after
login; this means that files edited by a staff_u user become inaccessible
to anyone else, even if sudo is used to change to staff_u:sysadm_r:sysadm_t,
but reducing the user-based constraints for staff_u is undesirable.

Those are just my 2 cents,
bauen1
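Added example (not part of bauen1's message, and not refpolicy code): a small Python evaluator for constraint expressions in the shape refpolicy's `constrain` statements use, so the user-based versus role-based distinction discussed in the thread can be tried on concrete contexts. Everything in it is constructed for illustration. The attribute membership, both `constrain` statements and the contexts are made up and are not the rules refpolicy ships; in particular, sysadm_t is placed in the constrained attribute on purpose so that the effect of a user comparison on an admin who came from a different login identity is visible. With the user comparison, staff_u:sysadm_r:sysadm_t still reaches a file labelled staff_u:object_r:user_home_t because the identity matches, while sysadm_u:sysadm_r:sysadm_t does not. A role comparison on file access can only look at the source side, since every file carries the fixed role object_r, which is why the role-based rule here is written over process-to-process permissions instead.

```python
# Toy evaluator for SELinux-style `constrain` expressions (constructed example).
# Grammar as in refpolicy constraint statements: operands u1/u2, r1/r2, t1/t2
# (source/target user, role, type), == and !=, not/and/or, parentheses.  Role
# dominance and MLS are not modelled; everything below is made up, NOT refpolicy's.
import re
from collections import namedtuple

Context = namedtuple("Context", "user role type")
Constraint = namedtuple("Constraint", "tclass perms expr")
OPERANDS = ("u1", "u2", "r1", "r2", "t1", "t2")
_STMT = re.compile(r"\s*constrain\s+(\w+)\s*\{([^}]*)\}\s*\((.*)\)\s*;\s*", re.S)
ctx = lambda s: Context(*s.split(":")[:3])  # "user:role:type[:mls]"; MLS ignored

class ExprParser:
    """Recursive descent; precedence as in the policy language: or < and < not."""
    def __init__(self, expr):
        self.toks = re.findall(r"\(|\)|==|!=|\w+|\S", expr)

    def _take(self, expected=None):
        tok = self.toks[0] if self.toks else None
        if tok is None or (expected and tok != expected):
            raise SyntaxError(f"expected {expected or 'a token'}, got {tok!r}")
        return self.toks.pop(0)

    def parse(self):
        node = self._expr()
        if self.toks:
            raise SyntaxError(f"trailing input {self.toks!r}")
        return node

    def _expr(self):
        return self._binary("or", lambda: self._binary("and", self._unary))

    def _binary(self, op, operand):
        node = operand()
        while self.toks and self.toks[0] == op:
            self._take(op)
            node = (op, node, operand())
        return node

    def _unary(self):
        if self.toks and self.toks[0] in ("not", "("):
            if self._take() == "not":
                return ("not", self._unary())
            node = self._expr()
            self._take(")")
            return node
        left, op, right = self._take(), self._take(), self._take()
        if left not in OPERANDS or op not in ("==", "!="):
            raise SyntaxError(f"bad comparison: {left} {op} {right}")
        return ("cmp", left, op, right)

def parse_constraint(text):  # one `constrain <class> { perms } ( expr );` statement
    m = _STMT.fullmatch(text)
    if not m:
        raise SyntaxError("not a constrain statement")
    return Constraint(m[1], frozenset(m[2].split()), ExprParser(m[3]).parse())

# u1/r1/t1 come from the source (acting) context, u2/r2/t2 from the target
_field = lambda n, s, t: getattr(s if n[1] == "1" else t, {"u": "user", "r": "role", "t": "type"}[n[0]])

def evaluate(node, src, tgt, attrs):
    kind, *args = node
    if kind in ("or", "and", "not"):
        vals = [evaluate(a, src, tgt, attrs) for a in args]
        return {"or": any, "and": all, "not": lambda v: not v[0]}[kind](vals)
    left, op, right = args
    # right side: another field (u1 == u2), an attribute (set of types) or a literal
    rset = {_field(right, src, tgt)} if right in OPERANDS else attrs.get(right, {right})
    return (_field(left, src, tgt) in rset) == (op == "==")

def permitted(policy, src, tgt, tclass, perm, attrs):
    """Constraints only remove access allow rules granted: every constraint
    covering (class, perm) must hold, otherwise the access is denied."""
    return all(evaluate(c.expr, src, tgt, attrs)
               for c in policy if c.tclass == tclass and perm in c.perms)

# Constructed policy fragment.  sysadm_t is put in the attribute on purpose, so
# the effect of a user comparison on an admin from a different login is visible.
ATTRS = {"ubac_constrained_type": {"staff_t", "user_t", "sysadm_t", "user_home_t"}}
POLICY = [
    # user-based, UBAC style: same SELinux user identity, system_u excepted
    parse_constraint("""constrain file { read write append } (
        u1 == u2 or u1 == system_u
        or t1 != ubac_constrained_type or t2 != ubac_constrained_type
    );"""),
    # role-based, process to process; files always carry object_r, so r2 can't identify a creator
    parse_constraint("constrain process { ptrace signal } ( r1 == r2 or r1 == sysadm_r );"),
]
STAFF_FILE = ctx("staff_u:object_r:user_home_t")  # a file edited by a staff_u login
STAFF_PROC = ctx("staff_u:staff_r:staff_t")

if __name__ == "__main__":
    for src, tgt, tclass, perm in [
        ("staff_u:sysadm_r:sysadm_t", STAFF_FILE, "file", "read"),   # same login via sudo/newrole
        ("sysadm_u:sysadm_r:sysadm_t", STAFF_FILE, "file", "read"),  # other login, admin role
        ("user_u:user_r:user_t", STAFF_PROC, "process", "signal"),   # user_r against staff_r
    ]:
        ok = permitted(POLICY, ctx(src), tgt, tclass, perm, ATTRS)
        print(f"{src:27} -> {':'.join(tgt):28} {tclass}:{perm:6} {'allowed' if ok else 'DENIED'}")
```

Running it prints one verdict per scenario. `permitted()` applies every constraint that covers the requested class and permission, which mirrors how constraints work in the policy: they can only take away access that an allow rule granted, never add it, so a class or permission no constraint mentions is left untouched.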