turn the /etc/shadow argument on its head
Posted Apr 27, 2006 7:48 UTC (Thu) by dlang
Parent article: The AppArmor debate begins
If AppArmor won't protect you if you manage to create a new name for the file /etc/shadow, SELinux (which doesn't care about filenames, only the files themselves) won't protect you if you manage to change the name /etc/shadow to point at a new file.
You know what? Every other program in the system will try to access whatever file /etc/shadow is pointing at; they won't care about the object that used to be called /etc/shadow that SELinux is still protecting, they'll happily use the new file.
Any way that you mark all things that access /etc/shadow to only access the 'true' /etc/shadow file requires active work to maintain over time (every program that modifies it, including vi/emacs, will need to set the correct SELinux label, and if any of them get it wrong, the whole system stops).
While AppArmor doesn't try to do everything that SELinux attempts to do, in some ways it's far more useful.
P.S. I still haven't seen an example of how to set and maintain permissions along the lines of /home/*/public_html/*, to pull an example the AA people have used to show the power of the path-based approach.
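The two cases argued over in the comment above (a new name for the same object, and a new object under the old name), played out in a toy model. This is an added example, not code from the comment or from the AppArmor or SELinux projects. `path_policy_protects`, `LabelPolicy`, `run_scenario` and the `shadow_t` label name are assumptions: the label store keyed by (device, inode) stands in for SELinux's on-inode `security.selinux` xattr, and everything runs in a temporary directory with constructed file contents, never touching the real /etc/shadow.

```python
# Added example (not from the comment or from the AppArmor/SELinux projects):
# a toy model of the two policy styles argued about above.  A path-based
# check keys on the name; a label-based check keys on the inode, which here
# stands in for the security.selinux xattr.  Everything runs in a temp dir
# and the file contents are constructed samples; the real /etc/shadow is
# never touched.
import os
import tempfile

PROTECTED_LABEL = "shadow_t"  # hypothetical type name


def path_policy_protects(path, protected_path):
    """AppArmor-style rule: protected iff the pathname matches the rule."""
    return os.path.abspath(path) == os.path.abspath(protected_path)


class LabelPolicy:
    """SELinux-style rule: the label is attached to the object (inode),
    so it follows the file through renames and hard links."""

    def __init__(self):
        self._labels = {}  # (st_dev, st_ino) -> label

    def set_label(self, path, label):
        st = os.stat(path)
        self._labels[(st.st_dev, st.st_ino)] = label

    def label_of(self, path):
        st = os.stat(path)
        return self._labels.get((st.st_dev, st.st_ino), "unlabeled_t")

    def protects(self, path):
        return self.label_of(path) == PROTECTED_LABEL


def run_scenario():
    """Play out both cases from the comment and report which policy still
    guards which name/object at each step."""
    with tempfile.TemporaryDirectory() as d:
        etc = os.path.join(d, "etc")
        os.mkdir(etc)
        shadow = os.path.join(etc, "shadow")     # stands in for /etc/shadow
        link = os.path.join(etc, "shadow.link")  # a second name for the same object
        moved = os.path.join(etc, "shadow.old")  # where the original object ends up
        with open(shadow, "w") as f:
            f.write("root:$constructed$:0:0:99999:7:::\n")  # constructed sample line

        labels = LabelPolicy()
        labels.set_label(shadow, PROTECTED_LABEL)
        results = {}

        # Case 1 (the complaint against AppArmor): give the protected object
        # a new name.  The path rule does not match; the inode label follows.
        os.link(shadow, link)
        results["new_name_for_same_object"] = {
            "path_policy": path_policy_protects(link, shadow),
            "label_policy": labels.protects(link),
        }

        # Case 2 (the comment's counter): move the object away and put a
        # fresh file under the old name.  Programs that open the name get the
        # fresh file; the label is still on the object that was moved.
        os.rename(shadow, moved)
        with open(shadow, "w") as f:
            f.write("root::0:0:99999:7:::\n")  # constructed replacement
        results["new_object_under_old_name"] = {
            "path_policy": path_policy_protects(shadow, shadow),
            "label_policy": labels.protects(shadow),
        }
        results["original_object_after_move"] = {
            "path_policy": path_policy_protects(moved, shadow),
            "label_policy": labels.protects(moved),
        }
        return results


if __name__ == "__main__":
    for case, verdict in run_scenario().items():
        print(f"{case}: {verdict}")
```

Each policy guards exactly what the other misses: the path rule keeps covering whatever currently answers to the name, the label keeps covering whatever object it was stamped on, which is why the comment's maintenance point (every writer of the file has to preserve the label) is the crux for the label-based side.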