From: dac.override@gmail.com (Dominick Grift) Date: Sat, 11 Feb 2017 21:23:51 +0100 Subject: [refpolicy] [PATCH] bootloader: add permissions to read boot files in order to generate a configuration file In-Reply-To: <1486844285.9069.4.camel@trentalancia.net> References: <1482452559.20547.19.camel@trentalancia.net> <20170205054446.GB5742@meriadoc.perfinion.com> <85ccfdef-680e-fc31-6640-18567b4609b9@ieee.org> <1486510352.7595.1.camel@trentalancia.net> <20170208021335.GA2470@meriadoc.perfinion.com> <1486844285.9069.4.camel@trentalancia.net> Message-ID: To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On 02/11/2017 09:18 PM, Guido Trentalancia via refpolicy wrote: > Hello. > > On Sat, 11/02/2017 at 14.51 -0500, Chris PeBenito wrote: >> On 02/07/17 21:13, Jason Zaman via refpolicy wrote: >>> >>> On Wed, Feb 08, 2017 at 12:32:32AM +0100, Guido Trentalancia via >>> refpolicy wrote: >>>> >>>> Allow the bootloader to read boot files in order to generate >>>> a configuration file. >>>> >>>> Signed-off-by: Guido Trentalancia >>> >>> NACK. this wont work. Just use the patch I posted >>> http://oss.tresys.com/pipermail/refpolicy/2017-February/009011.html >>> [PATCH v2] bootloader: grub needs to manage grub.cfg and read >>> kernels >> >> I've decided to revert this patch. A nonfunctional system app like >> this >> is not acceptable. I am still open to a change along these lines, >> though arguably because bootloader has raw disk access, it doesn't >> matter much if it can overwrite the kernel via normal file access. > > The core grub functionality has never stopped working. > > The only thing that was not fully functional is an auxiliary > application shipped with grub (grub-mkconfig) that can be optionally > used to create the grub configuration file. It basically scans the > /boot directory for kernel images and creates an entry for each kernel > image it found. > > With the additional very simple patch that has been posted, the above > mentioned optional functionality works again. Except when ones uses efi i suppose. since /boot/efi is dosfs_t > >>>> --- >>>> policy/modules/admin/bootloader.te | 1 + >>>> 1 file changed, 1 insertion(+) >>>> >>>> diff -pru refpolicy-git-08022017- >>>> orig/policy/modules/admin/bootloader.te refpolicy-git- >>>> 08022017/policy/modules/admin/bootloader.te >>>> --- refpolicy-git-08022017- >>>> orig/policy/modules/admin/bootloader.te 2016-12-29 >>>> 22:48:16.446818415 +0100 >>>> +++ refpolicy-git-08022017/policy/modules/admin/bootloader.te >>>> 2017-02-08 00:14:22.923674773 +0100 >>>> @@ -108,6 +108,7 @@ corecmd_exec_all_executables(bootloader_ >>>> domain_use_interactive_fds(bootloader_t) >>>> >>>> files_create_boot_dirs(bootloader_t) >>>> +files_read_boot_files(bootloader_t) >>>> files_read_etc_files(bootloader_t) >>>> files_read_usr_src_files(bootloader_t) >>>> files_read_usr_files(bootloader_t) >>>> > > Regards, > > Guido > _______________________________________________ > refpolicy mailing list > refpolicy at oss.tresys.com > http://oss.tresys.com/mailman/listinfo/refpolicy > -- Key fingerprint = 5F4D 3CDB D3F8 3652 FBD8 02D5 3B6C 5F1D 2C7B 6B02 https://sks-keyservers.net/pks/lookup?op=get&search=0x3B6C5F1D2C7B6B02 Dominick Grift -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 648 bytes Desc: OpenPGP digital signature Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20170211/9a5006f1/attachment-0001.bin