Package: selinux-policy-default Version: 2:2.20161023.1-9 Severity: normal Dear Maintainer,
the opendkim package (2.11.0~alpha-10+dep9u1) suggests that signing keys should be stored in /etc/dkimkeys and sets up secure permission for that directory. The SELinux policy does not include filecontext rules for this directory. Therefore, the keys get labelled as etc_t, which is readable from lots of domains. The correct label is dkim_milter_private_key_t, which is much more restricted. This label is applied to /etc/opendkim/keys and /var/db/dkim only. These paths do not seem to be advertised by the opendkim package. I chose to file this against selinux-policy-default, but this may also be considered a bug in opendkim for not using a "standard" location by default. I did not tag this as a security issue since DAC prevents access to the signing key by non-root processes, which seems to be good enough for non-SELinux systems. -- System Information: Debian Release: 9.4 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: i386 (i686)
