From: paul@paul-moore.com (Paul Moore)
Date: Mon, 3 Aug 2015 15:28:57 -0400
Subject: [refpolicy] kdbus support
In-Reply-To: <55BF8ED7.1000402@tycho.nsa.gov>
References: <55BF5F1B.1010002@redhat.com> <55BF6C54.9070806@tycho.nsa.gov> <55BF7BA8.8000905@redhat.com> <55BF8B58.7000100@tycho.nsa.gov> <55BF8E4C.9010706@redhat.com> <55BF8ED7.1000402@tycho.nsa.gov>
Message-ID:
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Mon, Aug 3, 2015 at 11:55 AM, Stephen Smalley wrote:
> On 08/03/2015 11:52 AM, Daniel J Walsh wrote:
>> I am sure the developers would argue that the whole process would grind
>> to a halt.
>
> Seems problematic otherwise, as 1) it shifts the blame for breakage to
> SELinux rather than to the offending change, and 2) it teaches
> developers and users of rawhide to just always disable SELinux to avoid
> such breakage, which only further reinforces the problem. And then
> fixing such issues falls entirely on you and never on the developer who
> made the change. Certainly seems problematic that the maintainer of
> such a critical package as systemd runs with SELinux disabled...

I completely agree with Stephen. Adding kdbus without the necessary LSM/SELinux support is a security regression, it's really that simple. While I agree that the systemd developers seem to be a bit more responsive to SELinux faults than most developers, there is absolutely no reason why they shouldn't have done more to ensure the proper LSM/SELinux support. At the very least, some emails about the kdbus development plans and timing would have helped greatly.

As things stand there is almost surely going to be a gap where kdbus is upstream but it is missing the necessary LSM/SELinux hooks. That is a very bad thing in my opinion, made worse by the fact that it so easily could have been avoided with better communication by the kdbus developers.

--
paul moore
www.paul-moore.com