On Fri, 2005-07-15 at 15:09 -0700, Casey Schaufler wrote: > These require care, as there needs to be > some scheme to determine what attributes > a particular generated object should have. > But that's already being done for the > mode bits and ownership. If there are > exceptions it seems the Linux mount scheme > has everything you need to pass that along. While you might use a mount option to specify a default label to apply to all inodes in a given filesystem (and SELinux supports such options), that doesn't address the issue of allowing userspace to get the security label of a given inode in a consistent and uniform manner (e.g. just calling getxattr). Otherwise, /bin/ls -Z has to go rummaging about in /etc/mtab or similar to check mount options, possibly read policy or access selinuxfs to figure out how certain filesystems are being handled, etc. Also, we want (and already have) finer-grained labeling than just one label per mount for some of these filesystems, e.g. ptys in devpts and temporary files in tmpfs have labels computed in part based on the creating process, and /proc/pid inodes are assigned security labels corresponding to the associated process. -- Stephen Smalley National Security Agency
This archive was generated by hypermail 2.1.3 : Mon Jul 18 2005 - 06:14:19 PDT