On Mon, 12 Dec 2011 13:31:21 EST, Ramon de C Valle said: > This is a good question. Actually, we shouldn't allow ftpd_t read the locale > files from within user_home_t directories. To fill in the SELinux details for the people following along at home: The problem is that at open() time, there's no good way to specify what the expected label is (now *that* might be an interesting extention to open() for some enterprisng grad student) - so as long as the file has *any* foo_t label that the program is allowed to access, the open() will succeed. There's no way for it to say "I'm opening what *should* be a locale_t file, so if I'm being coerced into opening a user_foo_t, please nuke the request".
Attachment:
pgpJhwaNcPG1e.pgp
Description: PGP signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/