From: cpebenito@tresys.com (Christopher J. PeBenito) Date: Mon, 01 Mar 2010 08:42:05 -0500 Subject: [refpolicy] Possible regression and bug in userdom_base_user_template In-Reply-To: <20100301102220.GF3990@myhost.felk.cvut.cz> References: <20100301102220.GF3990@myhost.felk.cvut.cz> Message-ID: <1267450925.30557.7.camel@gorn.columbia.tresys.com> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On Mon, 2010-03-01 at 11:22 +0100, Michal Svoboda wrote: > > Christopher J. PeBenito wrote: > > The Fedora list is more appropriate for this discussion, as these rules > > are specific to the Fedora policy. > > Okay, it seems so, thanks. But the usr_t rule remains in refpolicy too. > Is the reasoning here the same? That is > > Daniel J Walsh wrote: > > Executing usr_t is not that big of a security risk. > > ... because from the purity point of view it would seem that usr_t > should be a label of read only, non-executable files. In an ideal world, usr_t files would be treated as you say. The problem is that packages put their files all over the place (have you looked to see what files are executable in /usr/share?). I agree with Dan, I don't feel its a big deal. usr_t files should be high integrity system files, just like bin_t files are. -- Chris PeBenito Tresys Technology, LLC (410) 290-1411 x150