On Tue, 2012-03-27 at 17:35 -0400, seth vidal wrote:
> Except it is more or less where we are now.
> i.e.: user can run stuff but they cannot put any exec or suid files in
> any place they can write.
>
> The debate is not about whether or not to enable this - it is about
> whether we need to allow network connections at all.
>
> Allowing irc out or ssh tunnels is not significantly more safety
> over just allowing general network communication, afaict.

It's not quite like that. E.g. if we do fedora_u with irc_role(), then
the person would be allowed to execute a binary labelled with
irc_exec_t, which would then be allowed to connect to IRC ports. Without
executing that binary, the user would not be able to connect to IRC
ports, so no ssh-forwarding or just "telnet 6667".
Let me verify this in my VM, though, before I'm forced to insert my foot
into my mouth. :)
Best,
--
Konstantin Ryabitsev
Systems Administrator,
Kernel.org
Montréal, Québec