From: justinmattock@gmail.com (Justin P. mattock)
Date: Mon, 08 Mar 2010 18:25:55 -0800
Subject: [refpolicy] user vs unconfined
In-Reply-To: <201003091314.03493.russell@coker.com.au>
References: <201003091314.03493.russell@coker.com.au>
Message-ID: <4B95B1B3.5080308@gmail.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 03/08/2010 06:14 PM, Russell Coker wrote:
> Why do unconfined_t and user_t use the same file types for almost everything
> in the latest policy?
>
> This means that if an unconfined user has bad Unix permissions on their home
> directory then user_t can replace a file that will be executed and therefore
> gain unconfined_t access.
>
> So is there any benefit in using user_t in such a scheme? If there isn't a
> benefit, and as almost all users of the Fedora policy will only use
> unconfined_t for user sessions it seems that the thing to do would be to
> restore the previous separation of user_t, staff_t, sysadm_t, and
> unconfined_t for those who need it as it won't actually affect the Fedora
> users.
>
> Or of course I could just maintain a private fork of the policy for Debian.
>
> Since 2002 the Debian policy has denied root:user_r:user_t the ability to take
> over the system and I plan to keep it that way.
>

Doesn't matter to me (although my opinion probably doesn't matter).
Let me know I can load up the latest policy and see.

Justin P. Mattock