dynamic context transitions
Luke Kenneth Casson Leighton
lkcl at lkcl.net
Sun Nov 14 11:15:27 GMT 2004
On Sun, Nov 14, 2004 at 12:18:24PM +1100, Andrew Bartlett wrote:
> On Tue, 2004-11-09 at 01:42, Russell Coker wrote:
> On the other hand, adding an extra #ifdef to become_user() and friends
> is a small, maintainable solution. It just may not fit with the SELinux
> world view.
andrew,
your comments are appreciated - esp. the ones about ensuring
maintainability.
i should point out [because you may not be on the selinux ml]
that about 10 days ago stephen smalley said that, all things
being considered, he was happy for a "seteuid"-like extension
to selinux to be added, and urged the discussion to move from
"if" to "how".
a seteuid-like function, which allows a single process to
transition to a new domain - yes, it would be called in become_user,
become_root and the corresponding "un"s.
i've said it before (and won't mention it again, i promise!) but
personally i believe it far more sensible [and this is a
practical solution that i believe could be done _now_ without
any samba or selinux code modifications, just some time writing
up the config files and policies] to run a samba-4 server with
an smb client vfs redirector going to a samba-3 back-end smbd
server on the same machine.
there are many ways in which such a scheme could be improved
to give performance gains, but to "get something working and
secure" they are not necessary.
l.
More information about the samba-technical
mailing list