[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: dynamic context transitions

To: Luke Kenneth Casson Leighton <lkcl@xxxxxxxx>
Subject: Re: dynamic context transitions
From: Darrel Goeddel <dgoeddel@xxxxxxxxxxxxx>
Date: Tue, 15 Feb 2005 16:21:20 -0600
Cc: SE-Linux <selinux@xxxxxxxxxxxxx>
In-reply-to: <20050215213455.GF26294@xxxxxxxx>
References: <20050215213455.GF26294@xxxxxxxx>
Sender: owner-selinux@xxxxxxxxxxxxx
User-agent: Mozilla Thunderbird 1.0 (Windows/20041206)

Luke Kenneth Casson Leighton wrote:

stephen,

i assume it _is_ necessary to perform dynamic auto transitions?

such that i can track to alternative contexts, yes?

Could you explain what you mean by "dynamic auto transitions"? An autotransition is a policy defined transition upon exec. The dynamic transitions(setcon) are done programatically.

e.g. i am running in sshd_privsep_t [because on a fork(),
i deliberately called setcon() to set it that way]

and i now want to be a user-related context, so i do this:

	get_default_context(pw->pw_name,NULL,&scontext)
	setcon(scontext);

and i set up a dynamic_auto_trans(sshd_privsep_t,
                                  sshd_exec_t,
				  sshd_privsep_user_t)

... hang on, that doesn't look right.  surely there should be
four arguments:

	* domain you were in before the setcon
	* domain the setcon asked to be in
	* executable_t
	* domain you want to be in afterwards

so it'd be:

	dynamic_auto_trans(sshd_privsep_t, /* where we were */
		   user_t,               /* from get_default_context() */
		  sshd_exec_t,          /* from the sshd binary */
		  sshd_privsep_user_t) /* what we _really_ want to be */


burblburbl... *gloop* drowning in not-much-understanding...

l.

For the above call to setcon to be successful, you will need the followingpolicy rules where CURRENT_T is the current process domain and NEW_T is thedomain that you are trying to transition to:


1) allow CURRENT_T self:process setcurrent;
2) allow CURRENT_T NEW_T:process dyntransition;

The first is necessary for the process to be able to use setcon. The second isnecessary for a dynamic transition to take place from CURRENT_T to NEW_T. Thosetwo will allow the transition to happen. The executable type has no bearing ondynamic transitions because there is no exec taking place. Remember that thetransition will take place in the same process state - the new domain shouldmost likely be able to access at least some of the resources (such as tty) ofthe previous domain.


Hope this helps a little...

--

Darrel

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.

Follow-Ups:
- Re: dynamic context transitions
  - From: Luke Kenneth Casson Leighton

References:
- dynamic context transitions
  - From: Luke Kenneth Casson Leighton

Prev by Date: dynamic context transitions
Next by Date: Re: sshd transition points
Previous by thread: dynamic context transitions
Next by thread: Re: dynamic context transitions
Index(es):
- Date
- Thread

This mailing list archive is a service of Copilot Consulting.