Suggest to change template to interface if appropriate #205

Open
cgzones opened this issue May 7, 2021 · 4 comments · May be fixed by #206

@cgzones
Contributor

cgzones commented May 7, 2021

If a template does not define anything (type, attribute, ...) and does not call a template, suggest to change to an interface.

Find SELinuxProject/refpolicy@bf6cc10

@dburgener
Member

I had thought we already had this, but it looks like we only have the other way around (S-004 and S-005 show definitions or template calls in interfaces).

One thing to consider here is this: https://github.com/SELinuxProject/refpolicy/blob/0c5a622fea7ebe660465da6296460b7e7b1a9d08/policy/modules/services/xserver.if#L310

This is a template rather than an interface because it uses a prefix, but it doesn't declare any types. Refpolicy does selint-disable:S-004 in an interface that calls it to accommodate.

I believe I spoke to @pebenito about this back when we were implementing selint in refpolicy and my recollection is that he said that in his view the definition of template was the use of prefixes rather than types, attributes etc in arguments. It might be preferable if we do a check as you suggest to implement it based on the prefix definition rather than the declaration definition.

@pebenito
Member

pebenito commented May 7, 2021

The main differences between interfaces and templates are that interfaces cannot:

  • declare anything (no side effects)
  • use prefixes.

@cgzones
Contributor Author

cgzones commented May 7, 2021

With this classification, was the commit SELinuxProject/refpolicy@bf6cc10 correct, cause systemd_user_daemon_domain() takes a prefix as first argument?

@pebenito
Member

pebenito commented May 7, 2021

You're correct, I missed that. I reverted the change.

cgzones added a commit to cgzones/selint that referenced this issue May 10, 2021
Interfaces in the refpolicy should not:
  - declare anything (no side effects)
  - use prefix parameters

Add one check to find interfaces that should be declared as a template
and one check to find templates that can be declared as an interface.

Refpolicy findings:

qemu.if:            112: (S): Template qemu_role might be declared as an interface (S-012)
wm.if:              142: (S): Interface wm_dbus_chat should be a template, due to parameter 0 (S-011)
wm.if:              250: (S): Interface wm_write_pipes should be a template, due to parameter 0 (S-011)
gnome.if:           673: (S): Interface gnome_dbus_chat_gkeyringd should be a template, due to parameter 0 (S-011)
gnome.if:           741: (S): Interface gnome_stream_connect_gkeyringd should be a template, due to parameter 0 (S-011)
userdomain.if:     1431: (S): Template userdom_security_admin_template might be declared as an interface (S-012)
kismet.if:           18: (S): Template kismet_role might be declared as an interface (S-012)
dbus.if:            193: (S): Interface dbus_connect_spec_session_bus should be a template, due to parameter 0 (S-011)
dbus.if:            245: (S): Interface dbus_spec_session_bus_client should be a template, due to parameter 0 (S-011)
dbus.if:            298: (S): Interface dbus_send_spec_session_bus should be a template, due to parameter 0 (S-011)
dbus.if:            436: (S): Interface dbus_spec_session_domain should be a template, due to parameter 0 (S-011)
rlogin.if:           32: (S): Template rlogin_read_home_content might be declared as an interface (S-012)
git.if:              18: (S): Template git_role might be declared as an interface (S-012)
Found the following issue counts:
S-011: 8
S-012: 5

Closes: SELinuxProject#205
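
The classification rule behind the two proposed checks, as an added example (not SELint's code and not part of the original thread): a regex-based approximation that treats `$N_suffix` as a prefix parameter, ignores `gen_require` blocks when looking for declarations, and reuses the S-011/S-012 labels from the commit message. The `demo_*` policy is constructed, the column-0 closing `')` is an assumption about layout, and parameters are reported by their m4 name (`$1`) rather than by SELint's index.

```python
import re

# Assumption: refpolicy-style layout, each block closed by "')" in column 0.
BLOCK = re.compile(r"^(template|interface)\(`(\w+)',`(.*?)^'\)", re.M | re.S)
REQUIRE = re.compile(r"gen_require\(`.*?'\)", re.S)  # requirements are not declarations
DECL = re.compile(r"^\s*(?:type|attribute|attribute_role)\s+\S+", re.M)
PREFIX = re.compile(r"\$(\d+)_\w")  # "$1_foo_t": parameter used as a name prefix
CALL = re.compile(r"^\s*(\w+)\(", re.M)

def lint(source):
    """Return (name, check, reason) tuples for misclassified blocks."""
    blocks = [(k, n, re.sub(r"#.*", "", b)) for k, n, b in BLOCK.findall(source)]
    templates = {n for k, n, _ in blocks if k == "template"}
    findings = []
    for kind, name, body in blocks:
        declares = bool(DECL.search(REQUIRE.sub("", body)))
        prefixes = sorted({int(p) for p in PREFIX.findall(body)})
        calls_template = any(c in templates for c in CALL.findall(body))
        if kind == "interface" and (declares or prefixes):
            why = f"prefix parameter ${prefixes[0]}" if prefixes else "declaration"
            findings.append((name, "S-011", why))
        elif kind == "template" and not (declares or prefixes or calls_template):
            findings.append((name, "S-012", "no declaration, prefix or template call"))
    return findings

# Constructed sample policy, not taken from refpolicy.
SAMPLE = """
interface(`demo_dbus_chat',`
    gen_require(`
        type $1_demo_t;
    ')
    allow $2 $1_demo_t:dbus send_msg;
')
template(`demo_role',`
    gen_require(`
        type demo_t;
    ')
    role $1 types demo_t;
')
template(`demo_domain_template',`
    type $1_demo_t;
')
template(`demo_wrapper',`
    demo_domain_template($1)
')
"""

if __name__ == "__main__":
    for finding in lint(SAMPLE):
        print(finding)
```

`demo_wrapper` is left alone because it calls a template, and `demo_role` is flagged even though it contains `type demo_t;`, since that line sits inside `gen_require`.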
cgzones added a commit to cgzones/refpolicy that referenced this issue May 13, 2021
Following the guideline of interfaces not allowed to declare anything
and not use prefix parameters, declare interfaces doing so as templates.

Also declare templates not using those features and not calling
templates themselves as interfaces.

These changes originate from the discussion in
SELinuxProject/selint#205 and are found by
new proposed SELint checks at
SELinuxProject/selint#207.

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
cgzones added a commit to cgzones/refpolicy that referenced this issue May 13, 2021
Following the guideline of interfaces not allowed to declare anything
and not use prefix parameters, declare interfaces doing so as templates.

Also declare templates not using those features and not calling
templates themselves as interfaces.

These changes originate from the discussion in
SELinuxProject/selint#205 and are found by
new proposed SELint checks at
SELinuxProject/selint#206.

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
cgzones added a commit to cgzones/selint that referenced this issue May 27, 2021
0xC0ncord pushed a commit to 0xC0ncord/hardened-refpolicy that referenced this issue Jul 20, 2021
0xC0ncord pushed a commit to 0xC0ncord/hardened-refpolicy that referenced this issue Jul 21, 2021
perfinion pushed a commit to perfinion/hardened-refpolicy that referenced this issue Sep 5, 2021
Following the guideline of interfaces not allowed to declare anything
and not use prefix parameters, declare interfaces doing so as templates.

Also declare templates not using those features and not calling
templates themselves as interfaces.

These changes originate from the discussion in
SELinuxProject/selint#205 and are found by
new proposed SELint checks at
SELinuxProject/selint#206.

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Signed-off-by: Jason Zaman <perfinion@gentoo.org>