From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-0.8 required=3.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 32A2AC3A5A7 for ; Tue, 3 Sep 2019 17:20:27 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 0A5CE21881 for ; Tue, 3 Sep 2019 17:20:27 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="VyO12y3E" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729838AbfICRU0 (ORCPT ); Tue, 3 Sep 2019 13:20:26 -0400 Received: from mail-ed1-f46.google.com ([209.85.208.46]:35685 "EHLO mail-ed1-f46.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728854AbfICRU0 (ORCPT ); Tue, 3 Sep 2019 13:20:26 -0400 Received: by mail-ed1-f46.google.com with SMTP id t50so19273308edd.2 for ; Tue, 03 Sep 2019 10:20:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=date:from:to:subject:message-id:mail-followup-to:mime-version :content-disposition:user-agent; bh=+cuObR6qt1c7Mte/4R6VlVN8r1OmkoJGuAvT5PLCR1E=; b=VyO12y3Eh939U7q9vejuUY/YjmfHXVtJKTbnP/TQEbBcE9rAdromXoL4dNpczxrAVM scSGs9HICu57BYg0R/dT35AJl3ExdeLo+hF2jGmY7Xuu0tJfwbR/YeZCHA/bG4WQJf3w XeG0yU6Ufpzaqnpdh3BTOdWKsDy67rQxjl5yzswR1Pm0g/cYcftj/zHtLVnqg4pV/Yw0 bqyOfe+Tc5tlermXRwF/ymSAUzmDy+7xS0E0xYIMFtfZtbafc++iloPeXjlqd1TMXj2E 7cH/ckLwVNQT3lXzyJfXnUev39GyI6yFUdqVrYpc4TOPoVNq0jkygTFb9f/hDkqOEn6S AROQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:subject:message-id:mail-followup-to :mime-version:content-disposition:user-agent; bh=+cuObR6qt1c7Mte/4R6VlVN8r1OmkoJGuAvT5PLCR1E=; b=bu4NoMmdbuVZLqpRfgfjfM03aZCUxw3+rG8Pp8WL/FaAbSEB4uma/K37NhXErJGBjt b9ZH9AfoNt8Az6n/u97FtbKElusM8lHbwJKlsbdQ8pWhR4a4LkPgpwvUsx6maEPkKiKa yoOncj1L/68VyclYCJ5Os5CpmFgxcc/n0xun4889wcJY6ckQMCCmTsS+XYTD1O7DlKI9 tqgQDJpmIO2gHOKyZgYVsnVMLj25etdLBw9DAues/UAunjwygnVI2Ba1JCNbEAVd3R9A +iVWZc/tJO2V7lTz/6SBcyhoLOsEVj9mWsd6/VfJUnSXX0uZHCi0xV0RJy4//yZmteBz LXfg== X-Gm-Message-State: APjAAAUrI9wrhfEfFPtu9EiteL+/xSzbj5GZGtJl33jwFQAs/1FcEJCf 69cRIa6wdma84I8a/piu/Fjc/Hl4 X-Google-Smtp-Source: APXvYqxcNVDfiVIujxc/ILCi2nRNWHSSzGpLoZtaZq3u2XQ34W+KjX5yYGysTxfUvcAtDyRvhiCjsA== X-Received: by 2002:a17:906:63c9:: with SMTP id u9mr4088103ejk.117.1567531224457; Tue, 03 Sep 2019 10:20:24 -0700 (PDT) Received: from brutus.lan (brutus.defensec.nl. [2001:985:d55d::438]) by smtp.gmail.com with ESMTPSA id r18sm1523071edl.6.2019.09.03.10.20.23 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 03 Sep 2019 10:20:23 -0700 (PDT) Date: Tue, 3 Sep 2019 19:20:22 +0200 From: Dominick Grift To: selinux-refpolicy@vger.kernel.org Subject: Processes to target Message-ID: <20190903172022.GA923044@brutus.lan> Mail-Followup-To: selinux-refpolicy@vger.kernel.org MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="opJtzjQTFsWo+cga" Content-Disposition: inline User-Agent: Every email client sucks, this one just sucks less. X-PGP-Key: https://sks-keyservers.net/pks/lookup?op=get&search=0x3B6C5F1D2C7B6B02 Sender: selinux-refpolicy-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: selinux-refpolicy@vger.kernel.org --opJtzjQTFsWo+cga Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Some processes that are part of the core os that one might want to target dm blkdeactivate: init system domain that maintains a file in /tmp that mou= nt wants to be able to read logging augenrules: init system domain that maintainss content in /tmp dracut-initramfs: init system domain that maintains /run/initramfs systemd-shutdown: pid1 during shutdown --=20 Key fingerprint =3D 5F4D 3CDB D3F8 3652 FBD8 02D5 3B6C 5F1D 2C7B 6B02 https://sks-keyservers.net/pks/lookup?op=3Dget&search=3D0x3B6C5F1D2C7B6B02 Dominick Grift --opJtzjQTFsWo+cga Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQGzBAEBCAAdFiEEujmXliIBLFTc2Y4AJXSOVTf5R2kFAl1uoNEACgkQJXSOVTf5 R2kGvAv+LSkbBBWryEHaQ0HzjJgwDTkka/D8iTNHqOBXDIMvvjMKF5fPjS/6VoPX 8nXeIID98tjTyEuJ69Z42IW1NYKOjbXwsfq6h0ynMCROPS7x2ZVLCLhSzLqLJmbz 9x/GG6m6x2AzcG1GOIcTQc0AnGM3hOPwHJ7mSOqN46NftkZOSqFshBUAgjKRUpXN Y8iKlfMvpLVn20+05bfqB+iZCiBxeiTUpNADf1wUP3MKYpnXt6SnzRt+Lw2QFBOC 917JuaAEMZnxDPetRlESawOp/NPMJhxcZtqlRWc1RxTVltoSCai/ilYv6V07ut5a jp5xcxnZ0wpwTcWNA3/IEOilxU9xaec12/oYgvhyJJlZ4NjS4/tqIawvzb15ug4J 959XEZxqmX11M6ndusj0T6dKUnN2yNTbX4thDFsW6SQ7jFhzg16ZDqRDz+pg9hXM wLmvTAXJhmzpr73qPAfbUaJi6lfh3dN1A6TfDQZjFeljKvboFTx7N/avod8z4EWO fbWyfg+E =DZ/n -----END PGP SIGNATURE----- --opJtzjQTFsWo+cga--