[DSE-Dev] Transition unconfined users to dpkg_t domain
Laurent Bigonville
bigon at debian.org
Tue Jan 7 12:29:19 UTC 2014
Hello,
Currently in the refpolicy unconfined users can transition to the rpm_t
(and then to rpm_script_t) domain when using the rpm commands.
On the other hand, the transition is not allowed for unconfined users
to transition to dpkg_t. Shouldn't also be the case?
I can propose a patch if you want, but I prefer to ask first as I know
there are some discussion about transitioning users out of the
unconfined domain.
Also, since 1.17.0, dpkg is transitioning maintainer scripts to the
dpkg_script_t domain. Unfortunately the dpkg-reconfigure script (which
is in perl) is not doing so. An idea how this should be done? I've
opened [0] is somebody is interested.
Cheers,
Laurent Bigonville
[0] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=732845
More information about the SELinux-devel
mailing list