CVE-2011-0997: How strictly confined is dhcpc_t?
Christoph A.
casmls at gmail.com
Thu Apr 7 11:04:41 UTC 2011
Hi,

in the light of the security vulnerability in the ISC DHCP client
[1][2][3], the obvious question for a Fedora/RH/CentOS user is:

Does SELinux prevent dhclient from accessing my $HOME (user_home_dir_t)
and /media (mnt_t)?
How strictly confined is dhcpc_t?

dhclient runs in the dhcpc_t domain:
system_u:system_r:dhcpc_t:s0 root /sbin/dhclient

Should it be the case that SELinux protects fc13+ users, it would also be
interesting if this was also the case in fc11 and fc12, even though they
are not supported any more.

If dhcpc_t has access to data in $HOME (directly or via a domain
transition), would it be possible to prevent this access without
impacting the functionality of dhclient to reduce the impact for similar
vulnerabilities in the future?

kind regards,
Christoph A.

[1] https://bugzilla.redhat.com/show_bug.cgi?id=694005
[2] https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-0997
[3] https://www.isc.org/software/dhcp/advisories/cve-2011-0997