On Sunday 13 November 2005 00:18, Michael Sweet <mike(a)easysw.com> wrote:
> Please don't remove comments such as "this is not
ideal, and allowing
> setattr access to cupsd_etc_t is wrong". That's a design flaw in cupsd,
> eventually we want to fix it. Removing the comment decreases the chance
> of such a design flaw ever being corrected.
Well, given that the comment does not describe the "design flaw" in
enough detail to be useful, and that no one has posted this "design
flaw" to any of the CUPS forums or the STR page on the CUPS site, it
seemed like I was removing a comment that was confusing and
uninformative.
What is the design flaw?
The fact that cups requires write access to it's config directory and all
config files.
> The hplip and ptal policies are OK in the same file as cups.
They are
> printer-specific programs. Having separate lpd and cups files is more of
> a problem. As we seem to be moving away from the traditional lpd we will
> probably change things in this regard.
>
> When there is policy involving access between initrc_t and the
> domains/types defined in a daemon policy file then this belongs in the
> policy file for the daemon. Important files such as initrc.te should not
> have sections for all the many daemons that need to interact with them.
Fair enough. Can we at least segment the rules in each of the files
so that it is clear which rules apply to which sub-programs?
Sure.
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page