From: dac.override@gmail.com (Dominick Grift)
Date: Thu, 10 Dec 2015 16:20:40 +0100
Subject: [refpolicy] How to handle glibc-triggered behavior?
In-Reply-To: <56699355.6010402@debian.org>
References: <20141221121526.GA5564@siphos.be>
 <56699355.6010402@debian.org>
Message-ID: <20151210152039.GC22216@x250>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On Thu, Dec 10, 2015 at 03:59:33PM +0100, Laurent Bigonville wrote:
> Hey,
> 
> Le 21/12/14 13:15, Sven Vermeulen a ?crit :
> > glibc's malloc implementation, in multithreaded applications, might read
> > /proc/sys/vm/overcommit_memory to check if the heap can be shrunk or not
> > (when the allocated memory is part of the non-main arena). That means that
> > read access to sysctl_vm_t becomes a wide request.
> >
> > Not granting privileges might result in different memory behavior, where the
> > system administrator might have tuned/tweaked memory allocations on Linux,
> > but malloc() ignoring this due to SELinux denying access to the settings.
> >
> > I'm wondering how to properly tackle this. Granting this on a per-domain
> > level is probably not manageable, but granting this for all domains (through
> > the "domain" attribute) might be overshooting.
> >
> > Are there specific risks that I should take into account when granting read
> > access to sysctl_vm_t?
> >
> > Wkr,
> > 	Sven Vermeulen
> I'm bumping this again topic again.
> 
> Is there anything blocking a fix for this?

I like the idea but i think "domain" should not be used for this.

> 
> Cheers,
> 
> Laurent Bigonville
> _______________________________________________
> refpolicy mailing list
> refpolicy at oss.tresys.com
> http://oss.tresys.com/mailman/listinfo/refpolicy

- -- 
02DFF788
4D30 903A 1CF3 B756 FB48  1514 3148 83A2 02DF F788
https://sks-keyservers.net/pks/lookup?op=get&search=0x314883A202DFF788
Dominick Grift
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQGcBAEBCgAGBQJWaZhDAAoJENAR6kfG5xmc1lcL/15emhsOZE9MjSc/gSkt8hKg
EnTjV/HuBWQUtMbw94PaiMmcFz1xfQukp1E+caD+cPngCjGVZS674pD43xgZp+5l
VaUbvu+V7J2PTyuB2Llm0g1dPOg7AX/53x3Wi8Z8MDTEmxw3QtV1kIfNRGww++XO
7PUc6eavZRDwS0an6jz4PjElbJ3+bJKMA+qj5d7xbORD4rwFY0nnn1JPTEE5n9Ew
z2eO7OyP/+PnHpTQyg8OZ7G0xM+hhXy+5FohB95/l9Nv+qxzQSjG66F1PY0oXCJq
WQKQZWY1xtEmgRSE4AuMDgm0hB+E7kI2WuXeQK34SqD4X6gCO8JM6PqK+QS1bHuN
1nvIznM5rxfhBvUhQjFyZkbRAurQvHO8/zfcWSoY1mQ/2eqyb4qXS7murD1Fihml
sv87xzK+1HyMP95BnjDnHukQeBRgm9vNy8QDvTukA5WzRd53ueJVNgEG3P7qyAl0
ftgRvPKUoWRYqLD9qAWzb0Z8Q7/+Xn2IwDw9XVVDVw==
=um/m
-----END PGP SIGNATURE-----