Re: [patch] CUPS 1.2 SELinux policy changes...: msg#00083
Subject: Re: [patch] CUPS 1.2 SELinux policy changes...
On Sunday 13 November 2005 00:18, Michael Sweet <mike@xxxxxxxxxx> wrote:
> > Please don't remove comments such as "this is not ideal, and allowing
> > setattr access to cupsd_etc_t is wrong". That's a design flaw in cupsd,
> > eventually we want to fix it. Removing the comment decreases the chance
> > of such a design flaw ever being corrected.
>
> Well, given that the comment does not describe the "design flaw" in
> enough detail to be useful, and that no one has posted this "design
> flaw" to any of the CUPS forums or the STR page on the CUPS site, it
> seemed like I was removing a comment that was confusing and
> uninformative.
>
> What is the design flaw?
The fact that cups requires write access to its config directory and all
config files.
> > The hplip and ptal policies are OK in the same file as cups. They are
> > printer-specific programs. Having separate lpd and cups files is more of
> > a problem. As we seem to be moving away from the traditional lpd we will
> > probably change things in this regard.
> >
> > When there is policy involving access between initrc_t and the
> > domains/types defined in a daemon policy file then this belongs in the
> > policy file for the daemon. Important files such as initrc.te should not
> > have sections for all the many daemons that need to interact with them.
>
> Fair enough. Can we at least segment the rules in each of the files
> so that it is clear which rules apply to which sub-programs?
Sure.
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
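
What the write-access concern in this message looks like at the policy level, as an added example that is not part of the original message or of the CUPS policy: a small Python check over `.te` allow rules that reports where a daemon domain may modify objects of its own config type. The domain name `cupsd_t`, the sample rules and the `_etc_t` suffix convention are assumptions made for illustration.

```python
import re

# Permissions that let a domain change a file or directory
# (a subset of the standard SELinux file/dir permission names).
MODIFY_PERMS = {"write", "append", "create", "unlink", "rename",
                "setattr", "add_name", "remove_name", "link"}

# Constructed sample rules in .te syntax; NOT the real cups policy.
SAMPLE_POLICY = """
# this is not ideal, and allowing setattr access to cupsd_etc_t is wrong
allow cupsd_t cupsd_etc_t:file { read getattr write setattr create unlink };
allow cupsd_t cupsd_etc_t:dir { search read add_name remove_name };
allow cupsd_t cupsd_log_t:file { create append getattr };
allow initrc_t cupsd_etc_t:file { read getattr };
allow cupsd_t etc_t:file read;
"""

# allow <source> <target>:<class or {classes}> <perm or {perms}>;
RULE = re.compile(
    r"^\s*allow\s+(\S+)\s+([^\s:]+):(\{[^}]*\}|[^\s{]+)\s*"
    r"(\{[^}]*\}|[^\s;]+)\s*;")


def _names(token):
    """Split 'read' or '{ read write }' into a list of names."""
    return token.strip("{} ").split()


def config_write_rules(policy_text, domain, type_suffix="_etc_t"):
    """Return (target_type, class, modifying_perms) for every rule that lets
    `domain` modify a type whose name ends in `type_suffix`."""
    findings = []
    for line in policy_text.splitlines():
        m = RULE.match(line)
        if not m:
            continue  # comments, blank lines, non-allow statements
        source, target, classes, perms = m.groups()
        if source != domain or not target.endswith(type_suffix):
            continue
        risky = sorted(MODIFY_PERMS.intersection(_names(perms)))
        if risky:
            findings.extend((target, cls, risky) for cls in _names(classes))
    return findings


if __name__ == "__main__":
    for target, cls, perms in config_write_rules(SAMPLE_POLICY, "cupsd_t"):
        print(f"cupsd_t may modify {target}:{cls} via {', '.join(perms)}")
```

The check only reads literal `allow` lines, so rules produced by macros or attributes in a real policy source tree would need expanding first.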