On Tue, 2006-08-15 at 18:28 +0200, Paolo D. wrote:
> Hello everybody,
> Perhaps a newbie question; should that be the case, I beg your pardon.
> Let's imagine a user acquires root rights. Especially on Fedora Core, which
> modifies the su command to automatically map it to the sysadm_r role, couldn't he/she
> simply disable SELinux, delete logs, and so on?
What does "acquire root rights" mean? Logged in as the root user, or
exploited a suid root program or uid 0 process to gain uid 0? Two very
different things as far as SELinux is concerned.
A few observations:
1) Your questions are presumably oriented toward the strict policy, not
the default targeted policy since you are talking about sysadm_r.
2) pam_rootok is instrumented for SELinux, so a uid 0 process cannot su to
an arbitrary user without knowing their password unless that process is
also in an authorized domain.
3) In FC5, su no longer switches contexts; separate newrole is once
again required.
--
Stephen Smalley
National Security Agency