[rsbac] (no subject)

Amon Ott rsbac@rsbac.org
Fri May 3 16:40:02 2002


On Friday, 3. May 2002 10:26, Martin Tomasek wrote:
> Amon, why do all /proc/$pid/fd directories have greater rights with rsbac?
> You have written in linux-2.4.18/fs/proc/base.c:
> +  #ifdef CONFIG_RSBAC                                                      
    
> +  /* allow read, execute for group, others for administration */           
    
> +  E(PROC_PID_FD,       "fd",           S_IFDIR|S_IRUGO|S_IXUGO),           
    
> +  #else                                                                    
    
>    E(PROC_PID_FD,       "fd",           S_IFDIR|S_IRUSR|S_IXUSR),           
    
> +  #endif
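
Review bot: in the CONFIG_RSBAC branch, the PROC_PID_FD entry uses S_IRUGO|S_IXUGO, which lets group and others list and traverse every process's fd directory, whereas the stock #else entry limits that to the owner with S_IRUSR|S_IXUSR. The comment justifies this only as "for administration", so the wider mode applies to all users rather than to the one administrative account that needs it. I would keep S_IRUSR|S_IXUSR unconditionally, drop the #ifdef, and grant the administrative role its access through an access-control decision instead of through the mode bits.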

Thanks for telling me, this is a left-over from the old network access control 
implementation. Secoff needed access to the socket names for IPC 
administration. Removed in my tree.

Amon.
--
http://www.rsbac.org