Openmoko Bug #1730: SELinux Kernel Support

Openmoko Public Trac bugs at docs.openmoko.org
Tue Aug 5 02:11:02 CEST 2008


#1730: SELinux Kernel Support
-----------------------------+----------------------------------------------
 Reporter:  willis           |        Owner:  openmoko-kernel
     Type:  enhancement      |       Status:  new            
 Priority:  normal           |    Milestone:                 
Component:  System Software  |      Version:                 
 Severity:  normal           |   Resolution:                 
 Keywords:  selinux, kernel  |     Blocking:                 
Blockedby:                   |  
-----------------------------+----------------------------------------------

Comment(by willis):

 Adding SELinux support to the kernel doesn't force anyone to use SELinux,
 it just gives them an SELinux enabled kernel. SELinux can be kept off by
 default in the rootfs. When installed, the SELinux package would then
 install the policy and turn SELinux on. The trade-off with enabling it by
 default is that the kernel will be larger and boot slower. But if a user
 chooses to install SELinux then they will not be required to flash a new
 kernel image (which they would be required to do if not supported by
 default). I guess the discussion should be: would the number of users that
 would potentially use SELinux on their device support the decision of
 increasing kernel size/boot time? This seems like it would be dependent on
 how much kernel size/boot time increases which I'm not qualified to
 answer. Although if someone would be willing to do some testing on the
 uImage to get empirical data =) ...

 > I wonder what is the story about what we can expect from selinux support
 given we did not take > care about even user / group functional separation
 properly yet in our rootfs.

 True, user/group defaults would go a ways towards increasing security on
 the device. But I think in the meantime (or in spite of this), SELinux on
 a single user device makes a lot of sense. In particular, the benefit of
 SELinux is that it can prevent privilege escalation between two root
 processes by sandboxing each.

-- 
Ticket URL: <https://docs.openmoko.org/trac/ticket/1730#comment:7>
docs.openmoko.org <http://docs.openmoko.org/trac/>
openmoko trac


More information about the openmoko-kernel mailing list