On Wed, 2013-10-30 at 11:13 -0400, Daniel J Walsh wrote:
> On 10/30/2013 10:11 AM, Matthew Miller wrote:
> > There is some concern on the devel mailing list about user-writable
> > directories in the default $PATH -- initially discussion about
> > ~/.local/bin as a hidden file, but now also out to ~/bin as well. I notice
> > that these are home_bin_t. What does this do with the current policy, and
> > what more could we do? (Particularly, a compromised application shouldn't
> > be able to put binaries there, but a shell script or something like `pip
> > install` probably _should_ be able to.)
> I responded on the other email on what these labels do.
> Confining user space is difficult, since most people do not want stuff to
> break and blocking apps from writing general places in the homedir is difficult.
> I think the future with confined applications where the application runs
> within a container and does not get direct access to the users homedir is the
> only way to handle this.
Difficult: sure, impossible: I do not think so.
I have proof that it is possible, if one sets clear goals, boundaries,
and realistic expectations.
I do not think containers are a silver bullet, and that MCS is a
solution to all problems.
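The question Matthew raises above, which entries of the default $PATH a user (and therefore any program running as that user) can write into, is something an administrator can check directly. The script below is an added example, not code from the thread or from any Fedora package: it takes a PATH-style string, reports every entry the current user can write to, and separately reports entries that live under $HOME, the directories the thread is discussing. It does not inspect SELinux labels such as home_bin_t; the temporary directories used for the usage check at the bottom are constructed for the example.

```shell
#!/bin/sh
# Added example for auditing PATH entries; not part of the original discussion.

# writable_path_entries PATH_STRING
#   Prints, one per line, each entry the current user can write to.
#   An empty entry or "." is resolved to the current working directory,
#   since that is what the shell does when searching for commands.
writable_path_entries() {
    _path="$1"
    _old_ifs="$IFS"
    IFS=:
    for _dir in $_path; do
        case "$_dir" in
            ""|.) _dir="$(pwd)" ;;
        esac
        if [ -d "$_dir" ] && [ -w "$_dir" ]; then
            printf '%s\n' "$_dir"
        fi
    done
    IFS="$_old_ifs"
}

# home_path_entries PATH_STRING
#   Prints each entry located under $HOME, whether or not it exists yet
#   (a missing ~/bin can be created later by whoever runs as this user).
home_path_entries() {
    _path="$1"
    _old_ifs="$IFS"
    IFS=:
    for _dir in $_path; do
        case "$_dir" in
            "$HOME"|"$HOME"/*) printf '%s\n' "$_dir" ;;
        esac
    done
    IFS="$_old_ifs"
}

# count_writable PATH_STRING
#   Echoes the number of writable entries, convenient for scripting.
count_writable() {
    writable_path_entries "$1" | wc -l | tr -d ' '
}

# Usage against the live environment: audit the caller's own PATH.
# (Run as a normal user, not root, for a meaningful result: root can
#  write anywhere, so every existing entry would be reported.)
if [ "${AUDIT_LIVE_PATH:-0}" = "1" ]; then
    echo "Writable PATH entries:"
    writable_path_entries "$PATH"
    echo "PATH entries under \$HOME:"
    home_path_entries "$PATH"
fi
```

Invoke with AUDIT_LIVE_PATH=1 to audit the current shell's PATH; entries that appear in both lists are exactly the ~/bin and ~/.local/bin cases the thread is about. A non-empty writable list on a root or service account's PATH is the finding worth acting on.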