| 1 |
Back on list, please don't go private unless there is a good reason |
| 2 |
|
| 3 |
atoth@××××××××××.hu wrote: |
| 4 |
> Can you estimate, when will the transition to the new reference policy be |
| 5 |
> completed? |
| 6 |
> |
| 7 |
|
| 8 |
its done now, check the selinux docs |
| 9 |
|
| 10 |
> Can you give a hint on some SELinux tools providing the same functionality |
| 11 |
> as grlearn in Grsecurity? What are the other tools for creating SELinux |
| 12 |
> rules? |
| 13 |
> |
| 14 |
|
| 15 |
audit2allow can now build loadable policy modules, there are also some |
| 16 |
tools that redhat has that haven't been put in portage (blame PeBenito) |
| 17 |
like policygentool in the selinux-policy-devel rpms. There are also |
| 18 |
things like SLIDE (http://oss.tresys.com/projects/slide) that are being |
| 19 |
worked on. |
| 20 |
|
| 21 |
> I'm currently using Grsecurity (/w RBAC), but I'm inspecting the |
| 22 |
> possibilities of SELinux. It's good to see, that its policy is thoroughly |
| 23 |
> planned, and it would be good to have a tool, which would help in creating |
| 24 |
> new rules and warning the user about ignoring any security goals. |
| 25 |
> |
| 26 |
|
| 27 |
the best thing is to look at the denials and decide which ones are |
| 28 |
important and which can be ignored, this shouldn't be hard depending on |
| 29 |
your applications, etc. |
| 30 |
|
| 31 |
> In Grsecurity a user should authenticate itself as an admin to become a |
| 32 |
> real root. The grsec passwords are stored at a separate place and in a |
| 33 |
> different manner. If an attacker would somehow guess the root password, |
| 34 |
> (s)he should crack the password system of grsecurity also. Which would be |
| 35 |
> quite hard, since root has limited rights. |
| 36 |
> However in SELinux - if my interpretation is correct - one should provide |
| 37 |
> the same password while authenticating himself to gain full access. |
| 38 |
> |
| 39 |
|
| 40 |
there is no such thing as "real root" in selinux, if root has no |
| 41 |
privileged roles logging on as root won't do any good. Obviously the |
| 42 |
admin always needs the possibility of getting sysadm_r and possibly |
| 43 |
disabling SELinux, this can be controlled with a policy boolean though, |
| 44 |
setsebool secure_mode_policyload=1 will disable setting permissive, |
| 45 |
loading policies or otherwise changing the running policy in any way. |
| 46 |
|
| 47 |
|
| 48 |
> Don't you think, that the idea of two separate authentication systems is |
| 49 |
> better, than storing all passwords in the same manner? |
| 50 |
> |
| 51 |
|
| 52 |
nope. |
| 53 |
|
| 54 |
> Regards, |
| 55 |
> Dwokfur |
| 56 |
> |
| 57 |
|
| 58 |
|
| 59 |
-- |
| 60 |
gentoo-hardened@g.o mailing list |
Archives