Stephen Smalley wrote:
On Wed, 2005-01-05 at 02:21, Bob Kashani wrote:
I read the thread and I seem to understand the technical reason behind why ldconfig is restricted in the way that it is (the security side of the issue). But is seems a little harsh from a usability point of view since for example, you can no longer run ldconfig in a chroot in your home dir. I like fine grained security but isn't the whole idea behind policy-targeted to enable security without restricting usability too much? I would understand not allowing ldconfig to execute in /home with policy-strict but shouldn't policy-targeted allow you to do this regardless of the potential security issues? Do the security concerns in this case outweigh the usability issues?
I'm not clear on why ldconfig runs in its own domain at all under targeted policy (vs. unconfined_t). It used to just run unconfined_t in older versions of the targeted policy. Is it an attempt to preserve the type on /etc/ld.so.cache via the file type transition rules?
Yes.