On Thu, 15 Nov 2007 11:30:16 PST, "Clarkson, Mike R (US SSA)" said:
> Is there a compelling reason to protect the getattr permission with mls
> constraints?
>
> The RHEL5 policy treats the getattr the same way read is treated with
> respect to mls constraints. What information that may be classified is
> being protected?

For some threat models, the ability to detect "MLS level xyzzy exists on this system" is in itself Bad Juju. Being able to determine that file ABC is unreadable because it's in level xyzzy is, itself, potentially unacceptable information leakage....
-- redhat-lspp mailing list [email protected] https://www.redhat.com/mailman/listinfo/redhat-lspp
