Project

General

Custom queries

Profile

Actions
Copy link

Feature #4464

closed

Implement SELinux policy for smart-proxy

Added by Lukas Zapletal about 11 years ago. Updated almost 7 years ago.

Status:
Closed
Priority:
Urgent
Assignee:
Lukas Zapletal
Category:
Packaging
Target version:
1.8.0
Difficulty:
Triaged:
Bugzilla link:
Pull request:
https://github.com/theforeman/smart-proxy/pull/201
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

Now the question is how deep we want to go. Smart proxy can be configured to spawn virsh via sudo and other stuff. I guess we should limit what is covered by the policy.

Actions
Copy link
 #1

Updated by Dominic Cleal about 11 years ago

Agreed... the trouble is also that the proxy codebase is messy and it has a lot of ugly implementations. I think the policy should probably be very tunable depending on what type of work the proxy is configured for.

Actions
Copy link
 #2

Updated by Lukas Zapletal almost 11 years ago

  • Priority changed from Normal to High

OSP guys rely on this feature, boosting priority: https://bugzilla.redhat.com/show_bug.cgi?id=1105154

Actions
Copy link
 #4

Updated by Lukas Zapletal over 10 years ago

  • Status changed from New to Assigned
  • Assignee set to Lukas Zapletal
  • Priority changed from High to Urgent

Yup, it's official. I started works on the foreman-proxy policy.

Actions
Copy link
 #12

Updated by Anonymous over 10 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100
Actions
Copy link

Also available in: Atom PDF