[CentOS] SELinux - way of the future or good idea but !!!

Les Mikesell lesmikesell at gmail.com
Mon Nov 29 17:19:57 EST 2010


On 11/29/2010 4:09 PM, Christopher Chan wrote:
>
>>>> In reality, I am not at all sure that a quantum leap in complexity
>>>> adds to security at all. Any proper use of old-school group
>>>> permissions can give as finely-grained a security policy as you would
>>>> like.
>>>
>>> No, it won't.
>>>
>>> Suppose I'm running CentOS on a workstation, and have a need to access a corporate webapp written in Flash, read corporate documents in PDF, and use other applications written in Java.  So I'm going to be living in my browser for most things corporate.
>>>
>>> How can I prevent a compromised PDF from gaining an attacker access to my entire home directory?  More to the point, how to I prevent that PDF from gaining WRITE access to files in my home directory (say, .bashrc for instance)?
>>
>> If you don't trust your software, run it under a uid that doesn't have
>> write access to anything important - or in a VM or a different machine
>> for that matter.  X has no problem displaying programs running with
>> different uids or locations.
>>
>
> Hurrah! That's it! Just move the problem elsewhere.

Yes, if you are concerned about security of certain files it is indeed a 
good idea to run software you don't trust elsewhere.  And if the problem 
is not trusting software, why are you putting blind faith in the SELinux 
code?

> Oh, you snipped out
> a bit too much. Write access is not just the problem. Being able to
> upload and execute is also a problem. Can you say 'bot'?

You don't need SELinux to mount the space writable by the uid in 
question with the noexec option.

-- 
   Les Mikesell
    lesmikesell at gmail.com



More information about the CentOS mailing list