From: guido@trentalancia.com (Guido Trentalancia)
Date: Thu, 06 Sep 2012 18:39:50 +0200
Subject: [refpolicy] [PATCH 2/3] user access to DOS files
In-Reply-To: <5048CFD9.2080408@trentalancia.com>
References: <1346793669-26282-1-git-send-email-bigon@debian.org>
 <1346793669-26282-2-git-send-email-bigon@debian.org>
 <20120906162401.79ccd07b@eldamar.bigon.be>
 <5048CFD9.2080408@trentalancia.com>
Message-ID: <5048D1D6.1050607@trentalancia.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 06/09/2012 18:31, Guido Trentalancia wrote:
> On 06/09/2012 16:24, Laurent Bigonville wrote:
>> On Tue, 4 Sep 2012 23:21:08 +0200,
>> Laurent Bigonville wrote:
>>
>>> + tunable_policy(`user_manage_dos_files',`
>>> + fs_manage_dos_dirs($1_t)
>>> + fs_manage_dos_files($1_t)
>>> + ')
>>> +
>>> ')
>>
>> I was reading the code further and isn't the proposed patch actually
>> redundant with user_rw_noexattrfile?
>>
>> tunable_policy(`user_rw_noexattrfile',`
>> fs_manage_noxattr_fs_files($1_t)
>> fs_manage_noxattr_fs_dirs($1_t)
>> ',`
>> fs_read_noxattr_fs_files($1_t)
>> ')
>>
>> So shouldn't the proposed patch simply be dropped?
>
> Fortunately, it has not been applied, I think. And if it causes problems
> and degradation of current policy, as you now recognize, why did you
> post it in the first place then?

The version above does not exclude xattr, so it leads to a marked security flaw.

It also leads to another security risk, as already pointed out in previous messages (no disabled boolean for cross-OS filesystems write).

This project goes in the opposite direction, I suppose...
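Review bot: the `user_manage_dos_files` tunable in the quoted hunk grants fs_manage_dos_dirs/fs_manage_dos_files to $1_t independently of the existing `user_rw_noexattrfile` tunable quoted later in this thread, so if DOS filesystems fall under the noxattr filesystem types (which is what the redundancy concern raised in the thread assumes), a user domain ends up with two booleans controlling the same write access, and turning user_rw_noexattrfile off no longer guarantees read-only access to those mounts. Either drop the hunk in favour of user_rw_noexattrfile, or, if per-filesystem granularity is really wanted, make the DOS grant conditional on both booleans and state the interaction in the gen_tunable() description, which is not part of the quoted fragment. Note also that the new block has no else branch, unlike the existing tunable's `fs_read_noxattr_fs_files($1_t)` fallback, so with the boolean off nothing in this hunk grants even read access to DOS files.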