[rsbac] quick question

rsbac@rsbac.org rsbac@rsbac.org
Thu, 14 Mar 2002 14:24:00 +0000

with rsbac, the way i understand it, if set up correctly, if a program is exploited, the shell that is granted does not have full permission? eg confine sendmail to one directory, and then the /bin/sh cannot escape from that dirrectory? same with no write files etc etc...

is this correct? or if a program is exploited...does it override rsbac?

The simple way to read all your emails at thatweb