On Tue, May 25, 2010 at 10:03:38PM -0400, Jason Pyeron wrote:
If you look at it as the two different commands, then they may have different permissions, owners, contexts, etc...
/bin/sh vs /etc/init.d/smb
I am just logically guessing here but ...
Let me follow your logic here. So the extra selinux labels differentiate what /bin/sh, as a shell, calling the /etc/init.d/smb script, can do from what /etc/init.d/smb, which in its first line invokes /bin/sh to run it, can do. Okay, that sort of makes sense.
So with selinux, in general any script that selinux would stop from running due to the script's own extra selinux file tags can be run if Evil Intruder simply invokes the same script with its shell first - sh or perl or python or whatever? That counts as security? Through what? The obscurity of this devious workaround?
Whit