[fmac-discuss] Type for utmpx
Stephen Smalley
sds at tycho.nsa.gov
Wed Jun 10 08:12:03 PDT 2009
On Wed, 2009-06-10 at 07:55 -0700, John Weeks wrote:
> While working on the next batch of policy changes, I noticed that the type for /var/adm/utmpx is var_log_t. Should it have its own type like wtmpx (wtmp_t)?
That's because /var/adm is presently being labeled as var_log_t, and
utmpx gets re-created on each boot (at least on Linux, don't know for
sure about Solaris), so keeping it with a distinct type would require
either a type_transition rule in policy (if the creating process runs in
its own domain and doesn't create other files under the same parent
directory) or the explicit preservation of the security context by the
creating process.
--
Stephen Smalley
National Security Agency
More information about the fmac-discuss
mailing list