From: guido@trentalancia.com (Guido Trentalancia) Date: Sun, 24 Jun 2012 03:14:34 +0200 Subject: [refpolicy] [PATCH]: missing file context for system-tools-backends (gnome) In-Reply-To: <1340446766.1572.12.camel@x220.mydomain.internal> References: <1340226181.23287.2.camel@vortex> <1340268079.9690.35.camel@x220.mydomain.internal> <1340300284.2992.9.camel@vortex> <1340301537.9690.45.camel@x220.mydomain.internal> <1340441995.2934.5.camel@vortex> <1340442729.1572.7.camel@x220.mydomain.internal> <1340445148.2934.14.camel@vortex> <1340446766.1572.12.camel@x220.mydomain.internal> Message-ID: <1340500474.2822.11.camel@vortex> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com Hello Dominick. On Sat, 2012-06-23 at 12:19 +0200, Dominick Grift wrote: > On Sat, 2012-06-23 at 11:52 +0200, Guido Trentalancia wrote: > > > Consider gnome-system-tools is a GUI that is meant to configure network, > > system users, shared filesystems or folders and system time. That is why > > we would need a boolean as a lot of people would probably like to > > disable such administrative functionality in the policy (it is still > > possible to have the boolean default to true, as in the latest > > modification sketch that I posted, for a more usable generic system). > > > > Can you sketch a few lines of policy modifications for the domain > > transition that you are talking about ? I guess you want to define a new > > domain, therefore create a new module for system-tools-backends ? And > > then allow a domain transition from dbus.te to such domain. And perhaps > > finally label the system-tools-backends perl script with its > > own ?_exec_t type instead of the generic binary which is more risky ? > > I still can't imagine how this works but: > > something like: > > type stb_t; > type stb_exec_t; > dbus_system_domain(stb_t, stb_exec_t) > role system_r types stb_t; > > and then label the stb executable file(s) type stb_exec_t. > > That should tell selinux to perform a domain transition from > system_busd_t to stb_t on running files with type stb_exec_t. Yes, more or less what I was imagining. I would need to test it first and then eventually submit another patch when possible. It takes just a little bit more but at least we can get rid of the risky corecmd_* permissions. > You can also find me on irc.freenode.org at #selinux or #fedora-selinux My involvement at the moment is just as a sort of part-time hobbist and there is a lot more policy and stuff that I'd like to work on, but unfortunately work constrains do not always allow me to do that. So, I bet further involvement with other online resources such as irc is impossible as the list is already considered as heavy load for me at the moment ! Consider I am also hitting a bug in libsepol when trying to build the latest policy, so there is a lot of things to sort out and time is very scarce... And in reply to what Daniel added, I think Fedora has its own system configuration tools (for example the system-config-*), so that's probably the reason why they decided to drop gnome-system-tools and system-backends-tools if as you say it is not possible to find them anymore in the latest repository... Thanks a lot for your comments though ! Regards, Guido