[Pkg-shadow-devel] Bug#472575: Bug#472575: /usr/bin/passwd needs patch for better SE Linux support
Nicolas François
nicolas.francois at centraliens.net
Tue Mar 25 10:03:37 UTC 2008
On Tue, Mar 25, 2008 at 10:51:54AM +1100, russell at coker.com.au wrote:
>
> The following patch makes the SE Linux tests more strict, when the real UID
> (the return value of getuid()) is 0 SE Linux checks will be performed.
>
> With this patch if you are running the Strict SE Linux policy a shell user
> who gains UID==0 (EG by exploiting a SUID root binary) can't change the root
> password. With SE Linux Strict policy a user who has UID==0 and the role
> user_r can do little damage to the system.
Thanks for the patch. I will commit it for 4.1.1.
> I'll send a patch for unstable shortly (this patch may work with unstable
> but I haven't had a chance to test it).
That is not necessary. The patch is clear, and I will port it to 4.1.1.
Is this something that should be also applied to the other tools of the
shadow toolsuite?
(usermod, userdel, newusers, chpasswd could all be used to change the
user's password; chage, or chfn could also do some harm by locking the
account, the password or some logins (but I don't know if root would be
affected))
Just to understand a bit more SE Linux, why don't you want to protect against
changes to non-root accounts?
(If I understand correctly, an extra command is needed to get the user_r
role, and you don't want to force admins to use this command for every
changes, only the ones which may endanger the system. Is that right?)
Best Regards,
--
Nekral
More information about the Pkg-shadow-devel
mailing list