[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Alternative user management approach
On Fri, 2005-06-24 at 14:09 -0400, Brian T. Sniffen wrote:
> "Karl MacMillan" <kmacmillan@xxxxxxxxxx> writes:
>
> > This makes the SELinux user more what we are calling a 'user
> > role'. For example, the policy could create 3 user roles with
> > different role authorizations (which become 'role capabilities'):
>
> This seems like a great innovation. But it does inherit one problem
> of generic user_u: there's no longer any MAC separating users. If I'm
> a normal user, my shell has exactly the same security context as your
> shell---right?
Yes, but SELinux doesn't isolate those shells even if they have
different SELinux user identities if they have the same role and domain.
In fact, you only get real isolation in SELinux between domains (or MLS
levels, if using MLS).
--
Stephen Smalley
National Security Agency
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
This mailing list archive is a service of Copilot Consulting.