From: Ivan Gyurdiev <ivg2@cornell.edu>
To: Karl MacMillan <kmacmillan@tresys.com>
Cc: selinux@tycho.nsa.gov, "'Daniel J Walsh'" <dwalsh@redhat.com>
Subject: RE: file contexts and modularity
Date: Mon, 27 Jun 2005 13:56:20 -0400 [thread overview]
Message-ID: <1119894980.26533.33.camel@celtics.boston.redhat.com> (raw)
In-Reply-To: <200506271725.j5RHP9qc019649@gotham.columbia.tresys.com>
> How would a non-home directory expansion work?
I can't answer this question, but I think claiming that such use
cases will not exist in the future is not warranted.
Why do expansions exist? Because we can't hardcode user information,
and this information has to be extracted as the users are created.
What makes you think this can't occur in other situations in the future.
Consider a scenario where you don't know the locations of things
in advance, and you have to query some sort of external source
to find that out... say GNOME implements a download folder, like
I've been saying they should. I remember someone on the usability
list argued that it might be a smart idea to have its name be
configurable via GConf key. I don't know how good of an idea that is,
but now you have another thing which doesn't have a fixed name, and
you have to extract from an external source. I can easily see
something like this being used in the future:
HOME_DIR/GNOME_MEDIA -- gnome_media_content_t
HOME_DIR/GNOME_...blah
and that's just one scenario.
Consider that one of the major problems of SELinux today is how
location-oriented labeling is - it's focused on where the data
is, not what the data is. Those two things don't always match -
people use nonstandard locations all the time, and expansions
may be one way to deal with that in the future.
> Without a compelling use case I think that this is a slippery slope
> that could cause problems.
I realize this is not a compelling use case right now, but
I'm just saying it should be a consideration before we go
and put expansion-handling code into matchpathcon.
> I more concerned about the other questions - how would a user switch policies
> with this scheme?
Does switching policies require changing the file contexts?
I typically use strict policy, so I'm not sure...
I suppose this file could be re-generated?
> How would network home directories work?
The same way they work right now?
I didn't realize network home dirs support xattr..
> Tying the creation of
> the labeling information to calling adduser seems fragile.
Perhaps...
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
next prev parent reply other threads:[~2005-06-27 17:59 UTC|newest]
Thread overview: 59+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-06-23 3:00 file contexts and modularity Ivan Gyurdiev
2005-06-23 17:37 ` Karl MacMillan
2005-06-23 18:05 ` Ivan Gyurdiev
2005-06-23 18:21 ` Karl MacMillan
2005-06-23 18:25 ` Ivan Gyurdiev
2005-06-23 18:40 ` Karl MacMillan
2005-06-23 19:00 ` Ivan Gyurdiev
2005-06-23 19:39 ` Karl MacMillan
2005-06-23 20:28 ` Ivan Gyurdiev
2005-06-23 20:36 ` Ivan Gyurdiev
2005-06-24 12:08 ` Stephen Smalley
2005-06-24 15:43 ` Ivan Gyurdiev
2005-06-24 18:32 ` Stephen Smalley
2005-06-24 18:37 ` Ivan Gyurdiev
2005-06-24 12:21 ` Stephen Smalley
2005-06-24 14:30 ` Karl MacMillan
2005-06-24 16:05 ` Karl MacMillan
2005-06-24 18:05 ` Frank Mayer
2005-06-24 18:40 ` Stephen Smalley
2005-06-28 15:41 ` Karl MacMillan
2005-06-28 16:21 ` Stephen Smalley
2005-06-24 15:51 ` Casey Schaufler
2005-06-24 16:36 ` Karl MacMillan
2005-06-24 16:47 ` Casey Schaufler
2005-06-24 16:56 ` Karl MacMillan
2005-06-24 17:10 ` Casey Schaufler
2005-06-24 15:39 ` Karl MacMillan
2005-06-24 16:03 ` Ivan Gyurdiev
2005-06-24 16:28 ` Karl MacMillan
2005-06-24 17:56 ` Ivan Gyurdiev
2005-06-27 15:07 ` Karl MacMillan
2005-06-27 15:36 ` Ivan Gyurdiev
2005-06-27 17:25 ` Karl MacMillan
2005-06-27 17:56 ` Ivan Gyurdiev [this message]
2005-06-28 13:47 ` Karl MacMillan
2005-06-28 19:31 ` Ivan Gyurdiev
2005-06-29 17:28 ` Ivan Gyurdiev
2005-06-29 18:17 ` Karl MacMillan
2005-06-29 18:46 ` Ivan Gyurdiev
2005-06-29 18:53 ` Stephen Smalley
2005-06-29 19:04 ` Karl MacMillan
2005-06-29 19:24 ` Ivan Gyurdiev
2005-06-29 19:50 ` Stephen Smalley
2005-06-29 20:03 ` Ivan Gyurdiev
2005-06-29 20:09 ` Stephen Smalley
2005-06-29 20:22 ` Ivan Gyurdiev
2005-06-30 13:54 ` Stephen Smalley
2005-06-29 20:22 ` Janak Desai
2005-06-29 20:43 ` Ivan Gyurdiev
2005-06-30 13:53 ` Ivan Gyurdiev
2005-06-30 13:58 ` Stephen Smalley
2005-06-30 14:48 ` Karl MacMillan
2005-06-30 14:52 ` Stephen Smalley
2005-06-30 13:56 ` Stephen Smalley
2005-06-29 20:13 ` Janak Desai
2005-06-30 0:40 ` Luke Kenneth Casson Leighton
2005-06-29 19:04 ` Karl MacMillan
2005-06-29 19:20 ` Ivan Gyurdiev
2005-06-24 5:03 ` Ivan Gyurdiev
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1119894980.26533.33.camel@celtics.boston.redhat.com \
--to=ivg2@cornell.edu \
--cc=dwalsh@redhat.com \
--cc=kmacmillan@tresys.com \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.