Re: Desktop apps interoperability

[Luke Kenneth Casson Leighton <lkcl@xxxxxxxx>]

On Mon, Mar 28, 2005 at 08:36:32AM -0500, Stephen Smalley wrote:
> On Mon, 2005-03-28 at 11:04 +0100, Luke Kenneth Casson Leighton wrote:
> > On Sun, Mar 27, 2005 at 11:57:35PM -0500, Ivan Gyurdiev wrote:
> > 
> > > There can't be more than one file_type_auto_trans on the same folder
> > > type (right?). 
> > 
> >  bizarrely, no.
> > 
> >  i believe this issue was raised some months ago, with the
> >  "alternative file context" thing.
> > 
> >  if file_type_auto_trans also took an executable [domain] as an
> >  additional argument, i believe you stand a chance of achieving
> >  what you seek.
> 
> file_type_auto_trans() is based on the domain of the creating process,
> the type of the parent directory, and optionally the class of the new
> file.  

 brain-lapse.  of course it is.  duh.

> [description of how to make programs security-aware]

 so the issue ivan describes _can_ be solved.

 ... question: in what ways do you ensure that a security-aware
 compromised program is only allowed to create certain filetypes?

 is it to do with using compute_av()?

 l.

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.