unconfined == root?

If I understand you correctly, the unconfined user can always relabel his apps into whatever domain is convenient for him. So in essence he has the capabilities of all of them. So we arrive back at the idea of the all-powerful root, aka the guy who holds all the keys.

The NULL pointer exploit thing is big and flashy, but I have a hunch that there are other ways to escalate from unconfined --> root. I think you are going to have to forbid non-root users from running as "unconfined."

Anyway, in spite of all the difficulties, I'm glad you guys are working on SELinux. Capability-based security is definitely an idea whose time has come...

Colin
