* homedir file context definitions
@ 2020-11-02 20:45 Vit Mojzis
  2020-11-02 21:12 ` bauen1
  2020-11-05 13:45 ` Chris PeBenito
  0 siblings, 2 replies; 3+ messages in thread
From: Vit Mojzis @ 2020-11-02 20:45 UTC (permalink / raw)
  To: selinux

Hello everyone,
when investigating a bug report [1], I found that homedir context 
definitions (specified in .fc file) are changed based on the 
corresponding user (selinux user, role and mls level from the context 
definition are replaced - [2]).
While replacing the selinux user and role makes sense, I'm wondering if 
the mls level from each homedir context definition should instead be 
compared to corresponding user's mls range (and either kept or replaced 
to ensure given user has access to it).

I have no problem with writing the patch, but I could use help 
understanding what the correct behaviour should be (and why).

Any pointers would be appreciated.

Thank you.


[1] - https://bugzilla.redhat.com/show_bug.cgi?id=1818472
[2] - https://github.com/SELinuxProject/selinux/blob/master/libsemanage/src/genhomedircon.c#L638

--

Vit Mojzis
Software Engineer, Platform Security - SELinux userspace
Red Hat, Inc.



* Re: homedir file context definitions
  2020-11-02 20:45 homedir file context definitions Vit Mojzis
@ 2020-11-02 21:12 ` bauen1
  2020-11-05 13:45 ` Chris PeBenito
  1 sibling, 0 replies; 3+ messages in thread
From: bauen1 @ 2020-11-02 21:12 UTC (permalink / raw)
  To: Vit Mojzis, selinux


On 11/2/20 9:45 PM, Vit Mojzis wrote:
> when investigating a bug report [1], I found that homedir context definitions (specified in .fc file) are changed based on the corresponding user (selinux user, role and mls level from the context definition are replaced - [2]).
> While replacing the selinux user and role makes sense, I'm wondering if the mls level from each homedir context definition should instead be compared to corresponding user's mls range (and either kept or replaced to ensure given user has access to it).
> 
> I have no problem with writing the patch, but I could use help understanding what the correct behaviour should be (and why).

I would also be interested in a patch that allows specifying the "user level" i.e. the mls part of home directory file contexts as a range.
In my policy objects can also have a range where low specifies the confidentiality level and high the integrity level of a file, and it would be quite useful to have user directories default to low-high.
I might have already posted something about this to the mailing list but I'm not sure.

-- 
bauen1
https://dn42.bauen1.xyz/


* Re: homedir file context definitions
  2020-11-02 20:45 homedir file context definitions Vit Mojzis
  2020-11-02 21:12 ` bauen1
@ 2020-11-05 13:45 ` Chris PeBenito
  1 sibling, 0 replies; 3+ messages in thread
From: Chris PeBenito @ 2020-11-05 13:45 UTC (permalink / raw)
  To: Vit Mojzis, selinux

On 11/2/20 3:45 PM, Vit Mojzis wrote:
> Hello everyone,
> when investigating a bug report [1], I found that homedir context definitions 
> (specified in .fc file) are changed based on the corresponding user (selinux 
> user, role and mls level from the context definition are replaced - [2]).
> While replacing the selinux user and role makes sense, I'm wondering if the mls 
> level from each homedir context definition should instead be compared to 
> corresponding user's mls range (and either kept or replaced to ensure given user 
> has access to it).
> 
> I have no problem with writing the patch, but I could use help understanding 
> what the correct behaviour should be (and why).
> 
> Any pointers would be appreciated.

I think the behavior should be that it replaces the level with the default level 
of the user (from the user policy statement) and that possibly should be 
overridden by the bottom level of whatever range is specified for that login 
user (from the seusers file).


-- 
Chris PeBenito

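The two candidate behaviours discussed in this thread, modelled as an added example (not genhomedircon's code): the `user` statements, the seusers entries and the numeric ordering of sensitivities are constructed, and role handling is left out to focus on the MLS level.

```python
# Constructed 'user' statements: selinux user -> (default level, range)
USER_STATEMENTS = {"user_u": ("s0", "s0"), "staff_u": ("s0", "s0-s15:c0.c1023")}
# Constructed seusers entries: login -> (selinux user, optional range)
SEUSERS = {"alice": ("staff_u", "s2-s15:c0.c1023"), "bob": ("staff_u", None)}


def parse_level(level: str) -> tuple[int, frozenset[int]]:
    """'s2:c0.c3,c7' -> (2, {0,1,2,3,7}); a level without categories gets an empty set.
    Assumes sensitivities are named sN and ordered numerically (constructed policy)."""
    sens, _, cats = level.partition(":")
    categories: set[int] = set()
    for part in filter(None, cats.split(",")):
        lo, _, hi = part.partition(".")
        categories.update(range(int(lo[1:]), int((hi or lo)[1:]) + 1))
    return int(sens[1:]), frozenset(categories)


def dominates(a: str, b: str) -> bool:
    """MLS dominance: a is at least b's sensitivity and contains all of b's categories."""
    sa, ca = parse_level(a)
    sb, cb = parse_level(b)
    return sa >= sb and ca >= cb


def level_in_range(level: str, mls_range: str) -> bool:
    """True when low <= level <= high for a 'low-high' (or single-level) range."""
    low, _, high = mls_range.partition("-")
    return dominates(level, low) and dominates(high or low, level)


def effective_range(login: str) -> str:
    """Range from seusers when given, otherwise the range of the selinux user."""
    seuser, login_range = SEUSERS[login]
    return login_range or USER_STATEMENTS[seuser][1]


def rewrite_level(fc_level: str, login: str, keep_if_valid: bool) -> str:
    """keep_if_valid=False: the user's default level, overridden by the low end of the
    seusers range (Chris's proposal). keep_if_valid=True: keep the .fc level if the
    login's range contains it, else fall back to the same rule (Vit's question)."""
    seuser, login_range = SEUSERS[login]
    if keep_if_valid and level_in_range(fc_level, effective_range(login)):
        return fc_level
    return login_range.partition("-")[0] if login_range else USER_STATEMENTS[seuser][0]


def rewrite_context(fc_context: str, login: str, keep_if_valid: bool = False) -> str:
    """Rewrite the selinux user and level of a 'user:role:type:level' .fc context."""
    _user, role, type_, level = fc_context.split(":", 3)
    new_level = rewrite_level(level, login, keep_if_valid)
    return ":".join((SEUSERS[login][0], role, type_, new_level))
```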
