GCL

[Jerry James]

Once upon a time on fedora-devel-list, Daniel J Walsh <dwalsh at redhat.com> wrote:
> +/usr/bin/gcl                  --       gen_context(system_u:object_r:execmem_exec_t,s0)
>
>
> Will be in selinux-policy-3.5.13-19.fc10

I've done some experimenting, and I think I need a couple of
modifications to this.  First, it turns out that GCL needs both
execmem and execheap permissions.  Do I need to create a gcl_exec_t
type to combine those?

Second, /usr/bin/gcl is just a shell script.  It does an exec of
/usr/lib/gcl-%{version}/unixport/saved_ansi_gcl, which is the saved
Lisp image, along with appropriate command line options.  I don't
expect permissions to persist across an exec (but tell me if I'm
wrong), so I think I need the policy to mention the saved image
instead of /usr/bin/gcl.  There are some problems associated with
this:

1) The /usr/lib prefix is used on both 32-bit and 64-bit platforms,
which is bad.  I'll see if I can get that fixed, but it appears to
require some code changes (i.e., not just makefile changes).

2) The GCL build process can produce multiple image files, with
various combinations of options (such as profiling, ANSI vs. CLtL1
support, a GUI, etc.).  Fedora has only ever shipped one image, but I
can see an argument for producing a profiling version of the standard
image and making /usr/bin/gcl choose between them based on command
line arguments.  In any case, all of the image names start with
"saved_".

The upshot of all this is that, to make the policy future-proof, I
really need the execmem + execheap permissions for all files that
match this pattern:

/usr/lib*/gcl-*/unixport/saved_*

Is that okay?  If so, how do I proceed?  Thanks for helping out an
SELinux newbie.
-- 
Jerry James
http://loganjerry.googlepages.com/