Re: ACL

From: kent@xxxxxxxxxxxx
Date: Mon, 28 Jul 2008 08:40:49 -0700

On Mon, Jul 28, 2008 at 11:25:21AM -0400, Broekman, Maarten wrote:

This is the point I was trying to make. Sorry if that wasn't clear. If
there's no legal reason for the sysadmins to access the particular data,
then there's no reason for them to object to having SELinux policies in
place to enforce the written (or unwritten) policy.

SELinux in no way reduces the need to hire trustworthy people. It
probably increases the need to do so since you have to hire people you
can trust to correctly implement the policies.

There's a confusion between "UID 0" and "ultimate sysadmin authority".
Obviously, someone has to set up and manage SELinux boxes -- they don't
magically administer themselves.

SELinux systems still need ultimate sysadmin authority -- it's just no longer
UID 0. (As I understand it, ultimate sysadmin authority in SELinux requires
direct console access.) It's very similar to sudo, in that it allows a finer
grain control over who can do what.

The value is that services that normally require root to do their work can be
sandboxed, so that if they get hacked, they can't get to other parts of the
system.

Kent

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

References:
- ACL
  - From: Joy Methew
- Re: ACL
  - From: Chris St. Pierre
- Re: ACL
  - From: Laszlo BERES
- Re: ACL
  - From: Laszlo BERES
- RE: ACL
  - From: Broekman, Maarten

Prev by Date: Re: ACL
Next by Date: Re: ACL
Previous by thread: RE: ACL
Next by thread: Re: ACL
Index(es):
- Date
- Thread

Relevant Pages

Re: AppArmor FAQ
... understanding both SELinux policies and AppArmor profiles is ... understanding what access should be allowed. ... AppArmor language seems like a small issue in comparison. ... end up disabling entire SELinux policies, or turning off SELinux, ...
(Linux-Kernel)
Re: SELinux Understanding
... Let's begin with a complete lack of any usable documentation that comes with the SELinux package itself. ... And the documentation on the web not just wasn't helped, it was pretty clear that SELinux is long way from maturing. ... It seems that there were several major attempts at putting together an SELinux policy infrastucture, so whenever you come across some documentation on the web, you have no idea of what specific SELinux policy infrastructure it's talking about. ... And, of course, the SELinux policies in Fedora do not appear to have much documentation, and there's precious little in there that will tell you how you go about defining SELinux policies for any new component, and how the existing policies work, vis-a-vis plugging your own stuff in. ...
(Fedora)
Re: Amavisd does not start
... current amavis would have worked with older SELinux policies. ... I think it have been working with targetted for a long time, dunno about ... There is a long-running thread on the se list about creating a new policy ...
(Fedora)
Re: Amavisd does not start
... current amavis would have worked with older SELinux policies. ... a personal "toy" system so that I can learn Linux properly, ... but Mark isn't using amavis AFAIK. ...
(Fedora)