2010-06-02 20:18:33

by Daniel Walsh

Subject: [refpolicy] kernel_corenetwork.te.in.patch

http://people.fedoraproject.org/~dwalsh/SELinux/F14/kernel_corenetwork.te.in.patch

tun_tap_device is an mls trusted object

Lots of new port definitions.


2010-06-04 13:52:41

by cpebenito

Subject: [refpolicy] kernel_corenetwork.te.in.patch

On Wed, 2010-06-02 at 16:18 -0400, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F14/kernel_corenetwork.te.in.patch
>
> tun_tap_device is an mls trusted object

Why? This seems wrong to me.

> Lots of new port definitions.

--
Chris PeBenito
Tresys Technology, LLC
http://www.tresys.com | oss.tresys.com

2010-06-04 14:53:17

by Daniel Walsh

Subject: [refpolicy] kernel_corenetwork.te.in.patch

On 06/04/2010 09:52 AM, Christopher J. PeBenito wrote:
> On Wed, 2010-06-02 at 16:18 -0400, Daniel J Walsh wrote:
>> http://people.fedoraproject.org/~dwalsh/SELinux/F14/kernel_corenetwork.te.in.patch
>>
>> tun_tap_device is an mls trusted object
>
> Why? This seems wrong to me.
>
>> Lots of new port definitions.
>
I think virtual machines at different levels need to talk to this device.

2010-06-04 15:43:30

by cpebenito

Subject: [refpolicy] kernel_corenetwork.te.in.patch

On Fri, 2010-06-04 at 10:53 -0400, Daniel J Walsh wrote:
> On 06/04/2010 09:52 AM, Christopher J. PeBenito wrote:
> > On Wed, 2010-06-02 at 16:18 -0400, Daniel J Walsh wrote:
> >> http://people.fedoraproject.org/~dwalsh/SELinux/F14/kernel_corenetwork.te.in.patch
> >>
> >> tun_tap_device is an mls trusted object
> >
> > Why? This seems wrong to me.

> I think virtual machines at different levels need to talk to this device.

But there are several of these devices. Making it trusted means that
there's no separation between the networks, which seems contrary to what
an MLS system would want. More likely, the MLS label needs to be changed
as needed.

--
Chris PeBenito
Tresys Technology, LLC
http://www.tresys.com | oss.tresys.com

2010-06-04 20:32:25

by Daniel Walsh

Subject: [refpolicy] kernel_corenetwork.te.in.patch

On 06/04/2010 11:43 AM, Christopher J. PeBenito wrote:
> On Fri, 2010-06-04 at 10:53 -0400, Daniel J Walsh wrote:
>> On 06/04/2010 09:52 AM, Christopher J. PeBenito wrote:
>>> On Wed, 2010-06-02 at 16:18 -0400, Daniel J Walsh wrote:
>>>> http://people.fedoraproject.org/~dwalsh/SELinux/F14/kernel_corenetwork.te.in.patch
>>>>
>>>> tun_tap_device is an mls trusted object
>>>
>>> Why? This seems wrong to me.
>
>> I think virtual machines at different levels need to talk to this device.
>
> But there are several of these devices. Making it trusted means that
> there's no separation between the networks, which seems contrary to what
> an MLS system would want. More likely, the MLS label needs to be changed
> as needed.
>
I think the kernel will take care of the isolation.

Eric, Dan, is the tun/tap device per qemu instance?
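The effect Chris describes (an mlstrustedobject type is exempted from the MLS read/write constraints, so subjects at any level can share it) versus the alternative he suggests (give the device node a level of its own, so only the matching VM can use it) can be shown with a small model of the refpolicy MLS constraints. This is an added illustration, not code from the thread, from refpolicy or from the Fedora patch. It is a simplification of the real `mlsconstrain` rules (only the l1/l2 dominance terms, `mlsfileread`, `mlsfilewrite` and `mlstrustedobject` are modelled; the clearance-based terms and the TE allow rules are left out), and the VM labels `vm_c1`/`vm_c2`, the function names and the `vm_access`/`shared_channel` helpers are constructed for the example.

```python
"""Toy model of how refpolicy's MLS constraints treat an mlstrustedobject.

Added illustration, not code from the mailing-list thread or from refpolicy.
It keeps only the core of the MLS file read/write constraints:
  read  allowed if l1 dom l2, or t1 has mlsfileread,  or t2 has mlstrustedobject
  write allowed if l1 == l2,  or t1 has mlsfilewrite, or t2 has mlstrustedobject
The real constraints carry further terms (clearance-based access) and sit on
top of the ordinary TE allow rules, which are not modelled here.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Level:
    """One MLS level: sensitivity plus a category set, e.g. s0:c1,c2."""
    sensitivity: int
    categories: frozenset

    def dom(self, other: "Level") -> bool:
        """self dominates other: sensitivity >= and category superset."""
        return (self.sensitivity >= other.sensitivity
                and other.categories <= self.categories)


def parse_level(text: str) -> Level:
    """Parse 's0' or 's0:c1,c2' (single categories; 'c1.c5' ranges not handled)."""
    sens, _, cats = text.partition(":")
    if not sens.startswith("s") or not sens[1:].isdigit():
        raise ValueError(f"bad sensitivity in {text!r}")
    parsed = set()
    for c in (cats.split(",") if cats else []):
        if not c.startswith("c") or not c[1:].isdigit():
            raise ValueError(f"bad category {c!r} in {text!r}")
        parsed.add(int(c[1:]))
    return Level(int(sens[1:]), frozenset(parsed))


def mls_read_ok(l1: Level, l2: Level, t1_attrs: set, t2_attrs: set) -> bool:
    """Simplified MLS read constraint (subject l1/t1 reading object l2/t2)."""
    return (l1.dom(l2) or "mlsfileread" in t1_attrs
            or "mlstrustedobject" in t2_attrs)


def mls_write_ok(l1: Level, l2: Level, t1_attrs: set, t2_attrs: set) -> bool:
    """Simplified MLS write constraint: same level, privileged subject, or trusted object."""
    return (l1 == l2 or "mlsfilewrite" in t1_attrs
            or "mlstrustedobject" in t2_attrs)


def vm_access(vm_levels: dict, device_level: str, device_trusted: bool) -> dict:
    """Which of read/write the MLS layer allows each VM label on the device node.

    vm_levels maps a constructed VM name to its MLS level string; the VM domain
    is assumed to carry no mlsfile* attributes (the ordinary case for qemu).
    """
    obj_attrs = {"mlstrustedobject"} if device_trusted else set()
    l2 = parse_level(device_level)
    result = {}
    for name, level_text in vm_levels.items():
        l1 = parse_level(level_text)
        ops = []
        if mls_read_ok(l1, l2, set(), obj_attrs):
            ops.append("read")
        if mls_write_ok(l1, l2, set(), obj_attrs):
            ops.append("write")
        result[name] = tuple(ops)
    return result


def shared_channel(access: dict) -> bool:
    """True when more than one subject can both read and write the object,
    i.e. the object can carry data between levels."""
    full = [n for n, ops in access.items() if "read" in ops and "write" in ops]
    return len(full) > 1


if __name__ == "__main__":
    # Constructed sample: two guests confined at different categories.
    vms = {"vm_c1": "s0:c1", "vm_c2": "s0:c2"}
    # Patch as posted: the device type is an MLS trusted object.
    trusted = vm_access(vms, "s0", True)
    print("trusted object   :", trusted, "shared:", shared_channel(trusted))
    # Alternative: device labelled for one guest only.
    per_vm = vm_access(vms, "s0:c1", False)
    print("labelled s0:c1   :", per_vm, "shared:", shared_channel(per_vm))
```

With the trusted attribute both guests get read and write on the same node regardless of level, which is the loss of separation Chris objects to; with the node relabelled to the level of the guest that owns it, the other guest is denied by the dominance check alone. Whether that relabelling is practical depends on how many tun/tap device nodes exist per guest, which is exactly the question Dan asks at the end of the thread.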