http://people.fedoraproject.org/~dwalsh/SELinux/F14/kernel_corenetwork.te.in.patch
tun_tap_device is an mls trusted object
Lots of new port definitions.
On Wed, 2010-06-02 at 16:18 -0400, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F14/kernel_corenetwork.te.in.patch
>
> tun_tap_device is an mls trusted object
Why? This seems wrong to me.
> Lots of new port definitions.
--
Chris PeBenito
Tresys Technology, LLC
http://www.tresys.com | oss.tresys.com
On 06/04/2010 09:52 AM, Christopher J. PeBenito wrote:
> On Wed, 2010-06-02 at 16:18 -0400, Daniel J Walsh wrote:
>> http://people.fedoraproject.org/~dwalsh/SELinux/F14/kernel_corenetwork.te.in.patch
>>
>> tun_tap_device is an mls trusted object
>
> Why? This seems wrong to me.
>
>> Lots of new port definitions.
>
I think virtual machines at different levels need to talk to this device.
On Fri, 2010-06-04 at 10:53 -0400, Daniel J Walsh wrote:
> On 06/04/2010 09:52 AM, Christopher J. PeBenito wrote:
> > On Wed, 2010-06-02 at 16:18 -0400, Daniel J Walsh wrote:
> >> http://people.fedoraproject.org/~dwalsh/SELinux/F14/kernel_corenetwork.te.in.patch
> >>
> >> tun_tap_device is an mls trusted object
> >
> > Why? This seems wrong to me.
> I think virtual machines at different levels need to talk to this device.
But there are several of these devices. Making it trusted means that
there's no separation between the networks, which seems contrary to what
a MLS system would want. More likely, the MLS label needs to be changed
as needed.
--
Chris PeBenito
Tresys Technology, LLC
http://www.tresys.com | oss.tresys.com
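The separation argument above can be made concrete with a small model. The following is an added example, not code from the patch or from either poster: it reduces two of refpolicy's MLS constraints to their simplest form (a subject may read a device whose level it dominates, may write only a device at its own level, and an object whose type is declared with `mls_trusted_object()` is exempt from both checks) and then asks, for a constructed pair of VMs at different levels, which cross-level writes remain possible under each labelling choice. Level values, VM names and device names are constructed for illustration.

```python
"""Toy model of SELinux MLS checks on tun/tap devices (added example).

Simplified from refpolicy's MLS constraints: read needs the subject level to
dominate the object level, write needs equal levels, and an object type marked
mls_trusted_object() is exempt from both. Sample levels and names are
constructed; this is not the patch's or refpolicy's own code.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Level:
    """An MLS level: a sensitivity plus a set of categories (e.g. s2:c0,c1)."""
    sensitivity: int
    categories: frozenset = frozenset()

    def dominates(self, other: "Level") -> bool:
        return (self.sensitivity >= other.sensitivity
                and other.categories <= self.categories)


@dataclass(frozen=True)
class TapDevice:
    """One tun/tap node; mls_trusted models mls_trusted_object(tun_tap_device_t)."""
    name: str
    level: Level
    mls_trusted: bool = False


def can_read(subject: Level, dev: TapDevice) -> bool:
    """Read is allowed when the subject dominates the device, or the device is trusted."""
    return dev.mls_trusted or subject.dominates(dev.level)


def can_write(subject: Level, dev: TapDevice) -> bool:
    """Write is allowed only at the same level, or when the device is trusted."""
    return dev.mls_trusted or subject == dev.level


def cross_level_writes(vms: dict, devices: list) -> list:
    """Return (vm, device) pairs where a VM could write a tap device that is not
    labelled at its own level, i.e. where network separation between levels is lost."""
    leaks = []
    for vm_name, vm_level in vms.items():
        for dev in devices:
            if dev.level != vm_level and can_write(vm_level, dev):
                leaks.append((vm_name, dev.name))
    return leaks


# Constructed sample: two VMs at different levels, one tap device each.
LOW = Level(1, frozenset({"c0"}))
HIGH = Level(2, frozenset({"c0", "c1"}))
VMS = {"vm_low": LOW, "vm_high": HIGH}


def trusted_scenario() -> list:
    """All tap devices share an MLS-trusted type: every VM can write every device."""
    devs = [TapDevice("tap0", LOW, mls_trusted=True),
            TapDevice("tap1", HIGH, mls_trusted=True)]
    return cross_level_writes(VMS, devs)


def per_device_label_scenario() -> list:
    """Each device carries its own VM's level: no cross-level writes remain."""
    devs = [TapDevice("tap0", LOW), TapDevice("tap1", HIGH)]
    return cross_level_writes(VMS, devs)


if __name__ == "__main__":
    print("trusted object:", trusted_scenario())
    print("per-device labels:", per_device_label_scenario())
```

With the trusted type, both VMs can write each other's tap device; with the devices labelled at their VM's level, no cross-level write is possible while the high VM can still read the low device by dominance. That is the difference between "trusted object" and "change the MLS label as needed".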
On 06/04/2010 11:43 AM, Christopher J. PeBenito wrote:
> On Fri, 2010-06-04 at 10:53 -0400, Daniel J Walsh wrote:
>> On 06/04/2010 09:52 AM, Christopher J. PeBenito wrote:
>>> On Wed, 2010-06-02 at 16:18 -0400, Daniel J Walsh wrote:
>>>> http://people.fedoraproject.org/~dwalsh/SELinux/F14/kernel_corenetwork.te.in.patch
>>>>
>>>> tun_tap_device is an mls trusted object
>>>
>>> Why? This seems wrong to me.
>
>> I think virtual machines at different levels need to talk to this device.
>
> But there are several of these devices. Making it trusted means that
> there's no separation between the networks, which seems contrary to what
> a MLS system would want. More likely, the MLS label needs to be changed
> as needed.
>
I think the kernel will take care of the isolation.
Eric Dan, Is tuntap device per qemu instance?