Procmail can't delete a tmp file but has free reign over regular files???
Daniel J Walsh
dwalsh at redhat.com
Tue Apr 23 19:14:43 UTC 2013
On 04/23/2013 02:55 PM, Robert Nichols wrote:
> A process running as procmail_t can do pretty much anything to files of
> type user_home_t, but is restricted from the user_tmp_t file in /tmp that I
> want to use as a semaphore. Where is the logic in that? It's like granting
> free access to the vault, but locking up the leave-a-penny-take-a-penny
> jar.
>
> From selinux-policy-targeted-3.7.19-195.el6_4.3.noarch:
>
> allow procmail_t user_home_t : file { ioctl read write create getattr
> setattr lock append unlink link rename open } ;
>
> allow application_domain_type user_tmp_t : file { getattr append } ;
>
It is more about whether or not someone has opened a bug on it. No one has
reported problems with procmail_t's ability to create content labeled
user_tmp_t, but if they did, considering what we allow now, it would be
granted access.
I guess a tool that looked at what is granted to user_home_t and not
user_tmp_t would help find issues like this.
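The reply above suggests a tool that reports what a domain is granted on user_home_t but not on user_tmp_t. The script below is an added example (not from the thread or from the selinux-policy project) of that comparison. It parses allow rules in the `allow src tgt : class { perms } ;` form quoted in the message, resolves a rule written against an attribute to the domains in that attribute, and prints, per object class, the permissions present on one target type but absent on the other. The rule text and the attribute membership table are constructed for the example; `procmail_t` being a member of `application_domain_type` is assumed here, as the quoted rules imply, not read from a policy.

```python
import re
from collections import defaultdict

# Constructed sample rules in the format quoted in the thread (hypothetical
# excerpt, not real sesearch output).
SAMPLE_RULES = """
allow procmail_t user_home_t : file { ioctl read write create getattr setattr lock append unlink link rename open } ;
allow application_domain_type user_tmp_t : file { getattr append } ;
allow procmail_t user_tmp_t : dir { getattr search open } ;
allow procmail_t user_home_t : dir { ioctl read getattr lock search open add_name remove_name write } ;
"""

# Assumed attribute membership (would normally come from the loaded policy):
# treat procmail_t as an application_domain_type member so attribute rules
# count toward what procmail_t is granted.
ATTRIBUTES = {"application_domain_type": {"procmail_t"}}

# Matches both "{ a b c }" permission sets and a single bare permission.
RULE_RE = re.compile(
    r"^\s*allow\s+(\S+)\s+(\S+)\s*:\s*(\S+)\s*(?:\{([^}]*)\}|(\S+))\s*;",
    re.M,
)


def parse_rules(text):
    """Return a list of (source, target, object_class, set_of_perms)."""
    rules = []
    for src, tgt, cls, braced, single in RULE_RE.findall(text):
        perms = set((braced or single).split())
        rules.append((src, tgt, cls, perms))
    return rules


def perms_for(rules, domain, target, attributes=ATTRIBUTES):
    """Permissions `domain` holds on `target`, keyed by object class.

    Rules whose source is an attribute containing `domain` are included.
    """
    sources = {domain} | {
        attr for attr, members in attributes.items() if domain in members
    }
    granted = defaultdict(set)
    for src, tgt, cls, perms in rules:
        if src in sources and tgt == target:
            granted[cls] |= perms
    return dict(granted)


def diff_targets(rules, domain, type_a, type_b, attributes=ATTRIBUTES):
    """Per object class, sorted perms `domain` has on type_a but not type_b.

    Classes with no difference are omitted, so an empty dict means every
    permission on type_a is also granted on type_b.
    """
    on_a = perms_for(rules, domain, type_a, attributes)
    on_b = perms_for(rules, domain, type_b, attributes)
    result = {}
    for cls, perms in on_a.items():
        missing = perms - on_b.get(cls, set())
        if missing:
            result[cls] = sorted(missing)
    return result


if __name__ == "__main__":
    rules = parse_rules(SAMPLE_RULES)
    gap = diff_targets(rules, "procmail_t", "user_home_t", "user_tmp_t")
    for cls, missing in gap.items():
        print(f"{cls}: granted on user_home_t but not user_tmp_t: "
              f"{' '.join(missing)}")
```

To run it against a real policy, replace `SAMPLE_RULES` with the output of `sesearch -A -s procmail_t` and fill `ATTRIBUTES` from the policy's attribute definitions; the rest of the script is unchanged. On the constructed sample it reports the file-class gap the original poster hit (create, unlink, write and friends present on user_home_t, only getattr and append on user_tmp_t) and a similar gap for the dir class.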