From tazok.id0 at gmail.com Mon Mar 7 16:15:51 2011 From: tazok.id0 at gmail.com (=?ISO-8859-1?Q?Javier_Juan_Mart=EDnez_Cabez=F3n?=) Date: Mon, 7 Mar 2011 16:15:51 +0100 Subject: [rsbac] RC learning mode, automatic role generations Message-ID: Hi, ?would be useful (and hard to implement) to make an rc_learning mode that creates it's own roles and types? I think that mostly every time execution that follows a change owner to user (group) target (as happens with daemons that drops privileges) should be always isolated in its own role (one for privilege role and other one to dropped one) maybe this could be one nice way to say learning mode"here you have to create a role". About the types, could be more tricky since a lot of roles can access to the same types but learning mode could create the types indicated to this ones thats belongs to general_type ones (0) and only granting privileges to the other "manual created" ones At this way I think we could do one more reliable learning mode and a bit more secure since we make learning mode more "less privilege approach". What do you think? From tazok.id0 at gmail.com Mon Mar 7 16:21:37 2011 From: tazok.id0 at gmail.com (=?ISO-8859-1?Q?Javier_Juan_Mart=EDnez_Cabez=F3n?=) Date: Mon, 7 Mar 2011 16:21:37 +0100 Subject: [rsbac] RC learning mode, automatic role generations In-Reply-To: References: Message-ID: PD: to those software that don't need change owner I think that we could indicate rc_learning mode to create roles on binaries that need make use of IPC's (so this one could be a way to say rc_learning mode "cut here". don't you think? El 7 de marzo de 2011 16:15, Javier Juan Mart?nez Cabez?n < tazok.id0 at gmail.com> escribi?: > > Hi, ?would be useful (and hard to implement) to make an rc_learning mode > that creates it's own roles and types? > > I think that mostly every time execution that follows a change owner to > user (group) target (as happens with daemons that drops privileges) should > be always isolated in its own role (one for privilege role and other one to > dropped one) maybe this could be one nice way to say learning mode"here you > have to create a role". About the types, could be more tricky since a lot of > roles can access to the same types but learning mode could create the types > indicated to this ones thats belongs to general_type ones (0) and only > granting privileges to the other "manual created" ones > > At this way I think we could do one more reliable learning mode and a bit > more secure since we make learning mode more "less privilege approach". > > What do you think? > > > From jens at kasten-edv.de Mon Mar 7 17:37:20 2011 From: jens at kasten-edv.de (Jens Kasten) Date: Mon, 07 Mar 2011 17:37:20 +0100 Subject: [rsbac] RC learning mode, automatic role generations In-Reply-To: References: Message-ID: <1299515840.5568.13.camel@jaschtschik-pc> Hi, maybe thats would be nice. I don't know how much work it could be. Usual I set a up everything befor in Softmode without rc learning. Than reboot the system in Softmode with rc learning and do login and then reboot the system again. The reboot is than in Secmode an almost work except few things. The rc learning would not guess in the right way the role compatibility and other special cases. But the main work is done, when do carefully, well. Particulary would be nice to have a possibility to tell the rc learning for which role and rc-type it should learn. In addition would be nice if the rc learning would have to exclude the default role 0,1,2 e.g. So that a directory which is set to rc-type 3000 and a 'program' enter this directory not automatic apply all nessesary rights. Jens Am Montag, den 07.03.2011, 16:15 +0100 schrieb Javier Juan Mart?nez Cabez?n: > Hi, ?would be useful (and hard to implement) to make an rc_learning mode > that creates it's own roles and types? > > I think that mostly every time execution that follows a change owner to user > (group) target (as happens with daemons that drops privileges) should be > always isolated in its own role (one for privilege role and other one to > dropped one) maybe this could be one nice way to say learning mode"here you > have to create a role". About the types, could be more tricky since a lot of > roles can access to the same types but learning mode could create the types > indicated to this ones thats belongs to general_type ones (0) and only > granting privileges to the other "manual created" ones > > At this way I think we could do one more reliable learning mode and a bit > more secure since we make learning mode more "less privilege approach". > > What do you think? > _______________________________________________ > rsbac mailing list > rsbac at rsbac.org > http://www.rsbac.org/mailman/listinfo/rsbac From tazok.id0 at gmail.com Mon Mar 7 18:02:02 2011 From: tazok.id0 at gmail.com (=?ISO-8859-1?Q?Javier_Juan_Mart=EDnez_Cabez=F3n?=) Date: Mon, 7 Mar 2011 18:02:02 +0100 Subject: [rsbac] RC learning mode, automatic role generations In-Reply-To: <1299515840.5568.13.camel@jaschtschik-pc> References: <1299515840.5568.13.camel@jaschtschik-pc> Message-ID: 2011/3/7 Jens Kasten > > > The rc learning would not guess in the right way the role compatibility > and other special cases. But the main work is done, when do carefully, > well. > > Particulary would be nice to have a possibility to tell the rc learning > for which role and rc-type it should learn. > > > _______________________________________________ > rsbac mailing list > rsbac at rsbac.org > http://www.rsbac.org/mailman/listinfo/rsbac This is planned to implementation in rsbac version 1.5. I think it could be safer to make learning mode to automatic generate roles and types in software that are in /sbin /usr/sbin that use IPC as /sbin/init could be or daemons as ssh. With this novice users that don't know that it should be isolated it could be at least a bit safer. I'm not so sure in binaries that are under /usr/bin in particular (with the Xorg exception) such as firefox since I don't see with good eyes that every user share the same rol in navigation being needed a role transition between firefox_r and user_r to avoid that root for example could navigate through users directories and being at least a more properly solution a simply jail for example that RC, in these cases a further restriction could be needed (at least CAP_DAC_READ_SEARCH DAC_OVERRIDE revoked). From m.mahmoudi at gawab.com Tue Mar 8 08:23:57 2011 From: m.mahmoudi at gawab.com (Mohammad Mahmoudi) Date: Tue, 08 Mar 2011 07:23:57 GMT Subject: [rsbac] RSBAC vs Btrfs Message-ID: <20110308072357.6822.qmail@info3.gawab.com> I have installed RSBAC precompiled Linux kernel 2.6.32 on my system. Root file system is Btrfs. But, system can not reboot or shutdown. Why? ----------------------------------------------------------------------------------------------------------------------- Send big files for free. Simple steps. No registration. Visit now http://www.nawelny.com From tazok.id0 at gmail.com Tue Mar 8 18:36:58 2011 From: tazok.id0 at gmail.com (=?ISO-8859-1?Q?Javier_Juan_Mart=EDnez_Cabez=F3n?=) Date: Tue, 8 Mar 2011 18:36:58 +0100 Subject: [rsbac] RSBAC vs Btrfs In-Reply-To: <20110308072357.6822.qmail@info3.gawab.com> References: <20110308072357.6822.qmail@info3.gawab.com> Message-ID: Please try to give some more information to permit us to help you properly. I suppose that you can boot perfectly, but only you have troubles rebooting and shutting down the system. Some questions that could be of interest are: Is secure delete activated? Is trying your init using it on this btrfs system? Secure delete IS NOT supported in btrfs, so don't get it enabled. Which modules did you enable? Another question that you shall check with your logs, has Init enough privileges to shutdown/rebooting the system Is CAP_SYS_BOOT and CAP_SYS_ADMIN granted? 2011/3/8 Mohammad Mahmoudi > > I have installed RSBAC precompiled Linux kernel 2.6.32 on my system. Root > file system is Btrfs. But, system can not reboot or shutdown. Why? > > > > ----------------------------------------------------------------------------------------------------------------------- > Send big files for free. Simple steps. No registration. > Visit now http://www.nawelny.com > _______________________________________________ > rsbac mailing list > rsbac at rsbac.org > http://www.rsbac.org/mailman/listinfo/rsbac > From m.mahmoudi at gawab.com Sun Mar 13 11:50:51 2011 From: m.mahmoudi at gawab.com (Mohammad Mahmoudi) Date: Sun, 13 Mar 2011 10:50:51 GMT Subject: [rsbac] RSBAC vs. Btrfs (shutdown problem) Message-ID: <20110313105051.3169.qmail@info3.gawab.com> Thanks a lot for your reply. In my rsbac config., secure delete disabled. CAP module not enabled. Only. AUTH,RC, and MAC modules have enabled. System boots in softmode, thus policy is not enforce. Javier Juan Martínez Cabezón gmail.com> writes: > > Please try to give some more information to permit us to help you properly. > > I suppose that you can boot perfectly, but only you have troubles rebooting > and shutting down the system. > > Some questions that could be of interest are: Is secure delete activated? Is > trying your init using it on this btrfs system? > > Secure delete IS NOT supported in btrfs, so don't get it enabled. > > Which modules did you enable? > > Another question that you shall check with your logs, has Init enough > privileges to shutdown/rebooting the system > > Is CAP_SYS_BOOT and CAP_SYS_ADMIN granted? > > 2011/3/8 Mohammad Mahmoudi gawab.com> > > > > > I have installed RSBAC precompiled Linux kernel 2.6.32 on my system. Root > > file system is Btrfs. But, system can not reboot or shutdown. Why? > > > > ----------------------------------------------------------------------------------------------------------------------- Send big files for free. Simple steps. No registration. Visit now http://www.nawelny.com From tazok.id0 at gmail.com Tue Mar 15 15:52:44 2011 From: tazok.id0 at gmail.com (=?ISO-8859-1?Q?Javier_Juan_Mart=EDnez_Cabez=F3n?=) Date: Tue, 15 Mar 2011 15:52:44 +0100 Subject: [rsbac] RSBAC vs. Btrfs (shutdown problem) In-Reply-To: <20110313105051.3169.qmail@info3.gawab.com> References: <20110313105051.3169.qmail@info3.gawab.com> Message-ID: Check your logs and send us the last lines when you shutdown your system 2011/3/13 Mohammad Mahmoudi > Thanks a lot for your reply. > > In my rsbac config., secure delete disabled. CAP module not enabled. > Only. AUTH,RC, and MAC modules have enabled. System boots in softmode, > thus policy is not enforce. > > Javier Juan Martínez Cabezón gmail.com> writes: > > > > > Please try to give some more information to permit us to help you > properly. > > > > I suppose that you can boot perfectly, but only you have troubles > rebooting > > and shutting down the system. > > > > Some questions that could be of interest are: Is secure delete activated? > Is > > trying your init using it on this btrfs system? > > > > Secure delete IS NOT supported in btrfs, so don't get it enabled. > > > > Which modules did you enable? > > > > Another question that you shall check with your logs, has Init enough > > privileges to shutdown/rebooting the system > > > > Is CAP_SYS_BOOT and CAP_SYS_ADMIN granted? > > > > 2011/3/8 Mohammad Mahmoudi gawab.com> > > > > > > > > I have installed RSBAC precompiled Linux kernel 2.6.32 on my system. > Root > > > file system is Btrfs. But, system can not reboot or shutdown. Why? > > > > > > > > > > ----------------------------------------------------------------------------------------------------------------------- > Send big files for free. Simple steps. No registration. > Visit now http://www.nawelny.com > _______________________________________________ > rsbac mailing list > rsbac at rsbac.org > http://www.rsbac.org/mailman/listinfo/rsbac >