Christopher J. PeBenito wrote:
> On Wed, 2007-02-28 at 15:25 -0500, Daniel J Walsh wrote:
>   
>> This patch  an attribute  of application_exec_type to any executable 
>> that can be executed by a user. 
>>     
>
> The domains also need to be collected (minus the ones that we discussed
> on IRC, like cvs and rsync) into an attribute.  Then we should be able
> to apply that towards fixing the ssh command line/sockets problem (where
> the incoming client has done something like "ssh
> myserver /usr/bin/passwd").
>
>   
>> I have only patched the executables that currently transition to a 
>> domain if run under inetd or init, but do not transition if run by a user.
>>     
>
> The stuff in the apps layer will have to be covered too.  They may have
> policies, but they're still applications.  Their domain transitions will
> still happen.
>
>   
>> Also changed corecommand_exec_any to only execute executables that a 
>> user is supposed to run.  So if sysadm_t tries to execute a dameon 
>> directly it will get a permission denied.
>>     
>
> This interface has to remain the same.  "All executables" actually has
> to mean all executables for the semantics of the interface to be
> maintained.  If we want sysadm's behavior to be the above, it is the one
> that needs to change.
>
>   
How about something like the attached

I have just converted selinuxutil.te for now.