On Wednesday, 27. March 2002 05:37, Metrix wrote: > who shoud the rsbac executables in /usr/local/bin be > owned by? secoff? root? Does not matter, because root can modify them anyway. They must be protected by RSBAC, e.g. by FF flag read-only or, more flexible, as a separate 'Executables' RC type. Amon. -- http://www.rsbac.org