default user context on fedorapeople.org

seth vidal skvidal at fedoraproject.org
Tue Mar 27 21:17:32 UTC 2012


We are debating the default user context for fedorapeople.org:

Right now users are unconfined_t.
This would, ostensibly, let them do a lot. However, we have
fedorapeople set up to isolate user tempdirs and every place a user can
write to is mounted noexec,nosuid - so there is no place to run
anything that isn't already on the system.

We're wondering if we should move them to either:

user_t

or

guest_t


User_t sets:
 X Windows Login and terminal login, nosetuid, noexec in homedir

As we have things currently configured this would not involve much in
the way of a change to how users can operate on fedorapeople.org.


Guest_t sets:
 Terminal login, nosetuid, nonetwork, noxwindows, noexec in homedir

X is not really an issue, obviously. So the big difference here is that
outbound network connections would not be allowed with guest_t.

The debate is really over network access. We know that some folks
tunnel through fedorapeople.org for irc and they log in there to rsync
things to this space for personal hosting, etc.

So there are some legit reasons for outbound network connections.
However, it is not obvious that those reasons are within the scope
of what fedorapeople.org is supposed to be used for.

And that is more or less it - does anyone have any
suggestions/thoughts?

-sv
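
The message relies on every user-writable location being mounted noexec,nosuid. As an added example (not part of the original post and not Fedora infrastructure's own tooling), this shell function checks that property against /proc/mounts-format input; the function names, the list of writable paths and the sample mount table are constructed assumptions.

```shell
#!/bin/sh
# Added example: audit that user-writable mount points carry noexec and nosuid.
# Input format is /proc/mounts: device mountpoint fstype options dump pass.

# missing_flags PATH... : reads mounts-format lines on stdin and prints one
# finding per PATH that is not a mount point or lacks noexec/nosuid.
missing_flags() {
    awk -v want="$*" '
    BEGIN { n = split(want, w, " "); for (i = 1; i <= n; i++) watch[w[i]] = 1 }
    # A later line for the same mount point is the mount stacked on top,
    # so it overrides the earlier one.
    ($2 in watch) { opts[$2] = $4 }
    END {
        for (i = 1; i <= n; i++) {
            mp = w[i]
            if (!(mp in opts)) { print mp " not-a-mount-point"; continue }
            m = split(opts[mp], o, ","); noexec = 0; nosuid = 0
            for (j = 1; j <= m; j++) {
                if (o[j] == "noexec") noexec = 1
                if (o[j] == "nosuid") nosuid = 1
            }
            miss = ""
            if (!noexec) miss = "noexec"
            if (!nosuid) miss = (miss == "" ? "nosuid" : miss ",nosuid")
            if (miss != "") print mp " missing:" miss
        }
    }'
}

# Constructed sample table (not taken from fedorapeople.org).
SAMPLE_MOUNTS='/dev/sda1 / ext4 rw,relatime 0 0
/dev/sdb1 /home ext4 rw,nosuid,nodev,noexec,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev 0 0
tmpfs /var/tmp tmpfs rw,nosuid,noexec 0 0'

# Hypothetical list of locations users can write to.
audit_sample() {
    printf '%s\n' "$SAMPLE_MOUNTS" | missing_flags /home /tmp /var/tmp /srv/web
}

audit_sample
# On a live host: missing_flags /home /tmp /var/tmp < /proc/mounts
```

A path reported as not-a-mount-point inherits the options of its parent file system, so the parent is the entry to check.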

