1 |
Back on list, please don't go private unless there is a good reason |
2 |
|
3 |
atoth@××××××××××.hu wrote: |
4 |
> Can you estimate, when will the transition to the new reference policy be |
5 |
> completed? |
6 |
> |
7 |
|
8 |
its done now, check the selinux docs |
9 |
|
10 |
> Can you give a hint on some SELinux tools providing the same functionality |
11 |
> as grlearn in Grsecurity? What are the other tools for creating SELinux |
12 |
> rules? |
13 |
> |
14 |
|
15 |
audit2allow can now build loadable policy modules, there are also some |
16 |
tools that redhat has that haven't been put in portage (blame PeBenito) |
17 |
like policygentool in the selinux-policy-devel rpms. There are also |
18 |
things like SLIDE (http://oss.tresys.com/projects/slide) that are being |
19 |
worked on. |
20 |
|
21 |
> I'm currently using Grsecurity (/w RBAC), but I'm inspecting the |
22 |
> possibilities of SELinux. It's good to see, that its policy is thoroughly |
23 |
> planned, and it would be good to have a tool, which would help in creating |
24 |
> new rules and warning the user about ignoring any security goals. |
25 |
> |
26 |
|
27 |
the best thing is to look at the denials and decide which ones are |
28 |
important and which can be ignored, this shouldn't be hard depending on |
29 |
your applications, etc. |
30 |
|
31 |
> In Grsecurity a user should authenticate itself as an admin to become a |
32 |
> real root. The grsec passwords are stored at a separate place and in a |
33 |
> different manner. If an attacker would somehow guess the root password, |
34 |
> (s)he should crack the password system of grsecurity also. Which would be |
35 |
> quite hard, since root has limited rights. |
36 |
> However in SELinux - if my interpretation is correct - one should provide |
37 |
> the same password while authenticating himself to gain full access. |
38 |
> |
39 |
|
40 |
there is no such thing as "real root" in selinux, if root has no |
41 |
privileged roles logging on as root won't do any good. Obviously the |
42 |
admin always needs the possibility of getting sysadm_r and possibly |
43 |
disabling SELinux, this can be controlled with a policy boolean though, |
44 |
setsebool secure_mode_policyload=1 will disable setting permissive, |
45 |
loading policies or otherwise changing the running policy in any way. |
46 |
|
47 |
|
48 |
> Don't you think, that the idea of two separate authentication systems is |
49 |
> better, than storing all passwords in the same manner? |
50 |
> |
51 |
|
52 |
nope. |
53 |
|
54 |
> Regards, |
55 |
> Dwokfur |
56 |
> |
57 |
|
58 |
|
59 |
-- |
60 |
gentoo-hardened@g.o mailing list |