From: guido@trentalancia.com (Guido Trentalancia) Date: Wed, 05 Sep 2012 10:47:14 +0200 Subject: [refpolicy] [PATCH 2/3] user access to DOS files In-Reply-To: <201209051032.31825.russell@coker.com.au> References: <1346793669-26282-1-git-send-email-bigon@debian.org> <1346793669-26282-2-git-send-email-bigon@debian.org> <5046927D.8010809@trentalancia.com> <201209051032.31825.russell@coker.com.au> Message-ID: <50471192.8080600@trentalancia.com> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On 05/09/2012 02:32, Russell Coker wrote: > On Wed, 5 Sep 2012, Guido Trentalancia wrote: >>> +## >>> +##

>>> +## Allow users to manage files on dosfs_t devices, usually removable >>> media +##

>>> +##
>>> +gen_tunable(user_manage_dos_files,true) >> >> In my opinion is good to have this as on option, but in a secure >> environment the default should be false for removable media. > > It's one setsebool command to make it "secure" in that regard. I think that > for most systems where you really don't want users reading files on FAT > filesystems you won't have the ability to even mount them (remove USB ports > etc). For the majority of servers there will be no physical access by > untrusted users. For the majority of desktop systems such access will be > desired and it's one more potential thing for less clueful people to cite as a > reason for not using SE Linux if it doesn't work by default. It depends in my opinion whether most desktops are "home" and "personal" desktops or "office" desktops... I do not have such figure at hand now. But for sure, with business networks being routinely or randomly monitored, one of the major source of leaks of confidential data from companies nowadays is removable media. Best regards, Guido