From: dwalsh@redhat.com (Daniel J Walsh)
Date: Mon, 22 Dec 2014 09:23:42 -0500
Subject: [refpolicy] What is security_file_type and auth_file_type?
In-Reply-To: <20141221101128.GA2409@siphos.be>
References: <20141221101128.GA2409@siphos.be>
Message-ID: <5498296E.1040506@redhat.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 12/21/2014 05:11 AM, Sven Vermeulen wrote:
> Hi all
>
> Originally, the use of the security_file_type attribute was to reduce the
> size of the policy, and its purpose was mainly to differentiate between
> files that could be dontaudited and those that couldn't (we want to see when
> user domains access security_file_type types that they do not have access
> to).
>
> However, I could not find what the scope should be for a security_file_type
> (and auth_file_type). When should a type be assigned to be a
> security_file_type? "security" is a broad term...
>
> Is it types that could jeopardize the security (confidentiality? integrity?
> availability?) of the system when the resources of that type are /read/ by
> unauthorized domains? Or is it when the resources are written to? The latter
> (writes) is of course much broader (writing to /etc/pam.d or to the libraries
> on the system for instance).
>
> Wkr,
> Sven Vermeulen

I see security_file_type as being the type associated with types that should
not be READ, not written. /etc/shadow and friends.

    seinfo -asecurity_file_type -x
       security_file_type
          selinux_config_t
          default_context_t
          dnssec_t
          shadow_t
          krb5_keytab_t
          selinux_login_config_t
          file_context_t
          audit_spool_t
          semanage_store_t
          auditd_etc_t
          auditd_log_t
          random_seed_t

Although a couple of these (selinux config types) should probably not be
included.
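As an added illustration, not from this thread or from refpolicy itself, the module below shows how the attribute drives the dontaudit split Sven describes: the daemon's ordinary config type can be silenced by a broad dontaudit, while its secret type, like shadow_t, cannot. It assumes the refpolicy interfaces files_type and files_security_file (the latter tagging a type with security_file_type), init_daemon_domain, and the read_file_perms permission set; the secfile_demo_* names are hypothetical.

```te
policy_module(secfile_demo, 1.0.0)

########################################
#
# Declarations
#

# Hypothetical daemon domain and its entrypoint.
type secfile_demo_t;
type secfile_demo_exec_t;
init_daemon_domain(secfile_demo_t, secfile_demo_exec_t)

# Ordinary configuration: plain file_type, so broad dontaudit
# rules on non-security files are allowed to silence denials on it.
type secfile_demo_conf_t;
files_type(secfile_demo_conf_t)

# Stored credentials: disclosure on READ compromises the system
# (Dan's test), so it is additionally tagged security_file_type.
# files_security_file() is assumed to add that attribute.
type secfile_demo_secret_t;
files_type(secfile_demo_secret_t)
files_security_file(secfile_demo_secret_t)

########################################
#
# Policy
#

# The daemon legitimately reads its own config and secret.
allow secfile_demo_t secfile_demo_conf_t:file read_file_perms;
allow secfile_demo_t secfile_demo_secret_t:file read_file_perms;

# Silence stray read attempts on ordinary files only: the set
# subtraction keeps every security_file_type (shadow_t, krb5_keytab_t,
# secfile_demo_secret_t, ...) auditable, so a read of one of them by
# this domain still produces an AVC denial in the audit log.
dontaudit secfile_demo_t { file_type -security_file_type }:file read_file_perms;
```

After loading, `seinfo -asecurity_file_type -x` should now list secfile_demo_secret_t alongside shadow_t, and `sesearch -D -s secfile_demo_t -t shadow_t` should return no dontaudit rule.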