On Mon, 12 Dec 2011 19:19:20 EST, Ramon de C Valle said: > Actually, this is has no relation with binaries. Transitions are defined per > domain in SELinux policy. For additional information, refer to: > http://danwalsh.livejournal.com/23944.html Exactly the point - that's how most transitions are done. However, if you want to start off in an SELinux context that can read locale_t, open the file, chroot, and then change to another context that can't reade locale_t, then you're going to need to use setcon() in the process rather than just letting execcon based transitions letting it happen. And at that point, you just bought a hole bunch more headache, because now you need to do setcon() *securely* rather than just get transitioned into an ftpd_t just by getting exec'ed. > > We're lucky nobody has looked into what should happen on an > > MLS-enabled system :) > I don't think sensitivity levels would make any difference in this case in > the current SELinux MLS policy. No, but if user A and user B are in different sensitivity levels, it's even more loads of fun to make sure that the ftpd can get to the proper sensitivity level for each user via setcon() without botching it.
Attachment:
pgpq01pBUgQ7m.pgp
Description: PGP signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/