| 1 |
El 21/01/11 22:55, Sven Vermeulen escribió: |
| 2 |
> On Sun, Jan 16, 2011 at 11:06:47AM -0600, Chris Richards wrote: |
| 3 |
>> On 01/16/2011 09:09 AM, Sven Vermeulen wrote: |
| 4 |
>>> When writing security policies, it is important to first have a vision on |
| 5 |
>>> how the security policies should be made. Of course, final vision should be |
| 6 |
>>> with a systems' security administrator, but a distribution should give a |
| 7 |
>>> first start for this. |
| 8 |
> [... What to allow ...] |
| 9 |
>> My general feeling is that the system should operate FROM THE USER |
| 10 |
>> PERSPECTIVE the way it always does, i.e. the existence of SELinux should |
| 11 |
>> be relatively transparent to the user and/or administrator, at least to |
| 12 |
>> the extent that is practical. There may be some things that you simply |
| 13 |
>> can't avoid changing, but they should generally be few and far between. |
| 14 |
> [... What to hide ...] |
| 15 |
>> My general feeling here is that, again where practical, we should avoid |
| 16 |
>> cluttering the logs. Logs that are cluttered with noise don't get |
| 17 |
>> properly evaluated for the truly exceptional conditions that the |
| 18 |
>> administrator needs to be concerned about. Obviously, there are tools |
| 19 |
>> that can help with this, but those tools should be used for the purpose |
| 20 |
>> of helping the administrator organize the information, not prune the |
| 21 |
>> logs of stuff to ignore. If there's stuff that is going to be routinely |
| 22 |
>> ignored because it is essentially useless chatter, then it shouldn't be |
| 23 |
>> there to start with. |
| 24 |
> Well, I've taken the liberty of writing down a sort-of policy document in |
| 25 |
> which we can include our development principles and methods. The idea is |
| 26 |
> that both existing and new developers then know how to "include" their |
| 27 |
> suggested changes and how to configure/design the added SELinux policy |
| 28 |
> rules. |
| 29 |
> |
| 30 |
> The document: http://goo.gl/2U0Zr |
| 31 |
> |
| 32 |
> I've included a few of the items we discussed already, but also added |
| 33 |
> two others ones (see the "No Role-Specific Domains" and "Only Reference |
| 34 |
> Policy Suggested Roles" rules). |
| 35 |
> |
| 36 |
> It's a *discussion* document, I'm really open to (many) suggestions (and |
| 37 |
> enhancements ;- |
| 38 |
Recovering the spirit from the good old times huh? That's good to hear ^_^ |
Archives