selinux breaks revisor
Till Maas
opensource at till.name
Thu Jan 24 16:48:20 UTC 2008
On Thu January 24 2008, Stephen Smalley wrote:
> I think it would be a property of the chroot'd process and its
> descendants, not of the directory, as processes operating non-chroot'd
> may still access the contents of that directory and should still be
> handled by the host policy. So a per-task policy attribute that would
Yes, I did not think about this direction.
> usually always refer to the host/global policy, but could be unshared
> and then have a private policy loaded for it and its descendants.
>
> The main problem is detecting and handling accesses that cross the
> policy boundary (non-chroot'd process attempts to access file within the
> directory, chroot'd process manages to break out of the chroot and
> attempts to access file outside of chroot).
When there were different "namespaces" for the inner and outer selinux, then
the outer selinux could handle the access trough the chroot bondary using the
normal host namespace and the inner selinux would only handle the access
within the chroot, using its own namespace.
Regards,
Till
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 827 bytes
Desc: This is a digitally signed message part.
Url : http://lists.fedoraproject.org/pipermail/devel/attachments/20080124/ac4dc401/attachment-0002.bin
More information about the devel
mailing list