On Wed, 2004-10-27 at 13:48, Valdis.Kletnieks@private wrote: > (It's basically Solar Designer's "Don't follow a symlink out of a o+w directory" > patch. security_safe_symlink is a sysctl boolean). > > How do you express that as an SELinux policy? Note that we do *not* care where > the directory is (and thus what it may end up labeled) - if it's o+w and +t, > we don't follow symlinks. That is actually a common aspect of SELinux policies: don't let trusted domains follow untrustworthy symlinks, just based on security types rather than uids. -- Stephen Smalley <sds@private> National Security Agency
This archive was generated by hypermail 2.1.3 : Wed Oct 27 2004 - 10:54:32 PDT