From: aranea@aixah.de (Luis Ressel)
Date: Tue, 27 Dec 2016 23:38:46 +0100
Subject: [refpolicy] [PATCH] init: run sysvinit without the dangerous unconfined_domain() call
In-Reply-To: <1425370720.18751.1482877006863.JavaMail.open-xchange@popper10.register.it>
References: <1425370720.18751.1482877006863.JavaMail.open-xchange@popper10.register.it>
Message-ID: <20161227233846.6ed0ebf0@gentp.lnet>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Tue, 27 Dec 2016 23:16:46 +0100 (CET)
Guido Trentalancia via refpolicy wrote:

> The aim of this patch is to start securing the init module so
> that it can run in confined mode instead of in the most unsafe
> unconfined mode.
>
> At the moment it has been fully tested only with sysvinit.
>
> Testing with other init daemons is needed before this is
> released, so a "permissive" statement has been added in
> order to log further needed permissions during this testing
> phase (with systemd, upstart, and so on).
>
> [...]
>
> +permissive init_t;

Please don't add that. Debugging statements such as this one should only be added to local policies, not to refpol's master branch. This statement would be a huge step backwards for everyone who isn't using the 'unconfined' module.

Regards,
Luis
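Review bot: the `+permissive init_t;` line defeats the stated purpose of the patch: with init_t marked permissive, SELinux logs AVC denials for the init domain but enforces none of them, so on every system that installs this module init is no more confined than it was under unconfined_domain(), only noisier in the audit log. The description says the statement exists only to collect missing permissions while systemd and upstart are tested, which is a test-time need, not a policy change for the master branch; drop the line from the patch and have testers enable it locally on the test machine instead (for example with `semanage permissive -a init_t`, or a small local policy module carrying the same statement), then fold the denials they gather into proper allow rules in a follow-up. If the intent is to keep the patch unmerged until that testing is done, the commit message should say so explicitly rather than shipping the permissive statement as part of the module.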