dynamic context transitions

Luke Kenneth Casson Leighton lkcl at lkcl.net
Sun Nov 14 11:15:27 GMT 2004

On Sun, Nov 14, 2004 at 12:18:24PM +1100, Andrew Bartlett wrote:

> On Tue, 2004-11-09 at 01:42, Russell Coker wrote:

> On the other hand, adding an extra #ifdef to become_user() and friends
> is a small, maintainable solution.  It just may not fit with the SELinux
> world view.


your comments are appreciated - esp. the ones about ensuring

i should point out [because you may not be on the selinux ml]
that about 10 days ago stephen smalley said that, all things
being considered, he was happy for a "seteuid"-like extension
to selinux to be added, and urged the discussion to move from
"if" to "how".

a seteuid-like function, which allows a single process to
transition to a new domain - yes, it would be called in become_user,
become_root and the corresponding "un"s.

i've said it before (and won't mention it again, i promise!) but
personally i believe it far more sensible [and this is a
practical solution that i believe could be done _now_ without
any samba or selinux code modifications, just some time writing
up the config files and policies] to run a samba-4 server with
an smb client vfs redirector going to a samba-3 back-end smbd
server on the same machine.

there are many ways in which such a scheme could be improved
to give performance gains, but to "get something working and
secure" they are not necessary.


More information about the samba-technical mailing list