From: dominick.grift@gmail.com (Dominick Grift) Date: Thu, 09 Jan 2014 14:46:48 +0100 Subject: [refpolicy] Transition unconfined users to dpkg_t domain In-Reply-To: <20140109132449.783398e6@soldur.bigon.be> References: <20140107132919.5779c6c0@soldur.bigon.be> <20140107181207.13f8826d@soldur.bigon.be> <20140109132449.783398e6@soldur.bigon.be> Message-ID: <1389275208.14773.43.camel@x220.localdomain> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On Thu, 2014-01-09 at 13:24 +0100, Laurent Bigonville wrote: > Resending to the ML as the CC was lost. > > Le Tue, 7 Jan 2014 18:12:07 +0100, > Laurent Bigonville a ?crit : > > > Le Tue, 7 Jan 2014 16:09:25 +0100, > > Sven Vermeulen a ?crit : > > > > > I think in general, unconfined should remain unconfined (i.e. > > > can_exec but no domtrans). Easier to keep as a principle. > > > I agree, if it was not for MLS requirements i would probably do the same for sysadm_t Would have been even nicer IMHO if we could get rid of those package manager domains in general. unfortunately i do not think that is feasible since unprivileged users sometimes are also able to use the package managers to install files via setuid/setgid frontends. The other compelling reasons for those domains sometimes do not apply anymore. Like file transitions ( we have named file transitions now ), role transitions (no need for role transitions with systemd).