[rsbac] 2 questions
Amon Ott
rsbac@rsbac.org
Mon Apr 8 09:56:01 2002
On Monday, 8. April 2002 05:16, Metrix wrote:
> first of all, why does sshd still work, without any
> rsbac configuration, yet it is running as root?
You can still login as root, because sshd does not setuid to another id. In
1.2.0, even a setuid to the same id gets checked - if the program does the
call in that case.
> second, mucking around with settings, i mucked up
> httpd, what are the recommended settings fo apache?
That's a bit more complicated. apache needs to read_open, execute/map_exec
and close libraries, read access to web data and append/write access to its
logging dir. Choose the two necessary RC types and give apache a special
role. If you have not yet put your libs into a separate type, now is the best
time to do it...
A howto doc is on the way, where such things will probably be explained.
apache might also make its way into the examples page.
Amon.
--
http://www.rsbac.org