[rsbac] (no subject)

Amon Ott rsbac@rsbac.org
Mon May 6 10:09:01 2002

On Friday, 3. May 2002 09:49, Amon Ott wrote:
> On Friday, 3. May 2002 05:09, Metrix wrote:
> > just a few more questions, I was wondering how it is
> > possible wit rsbac to stop users seeing other users
> > processes, like in grsecurity. Also, if i set a
> > directory to append_only with ff flags, it is still
> > possible to create files with cat, although they
> > contain no data. 
> Congratulation, you found another bug. Please use the attached patch 
> rsbac/adf/ff/ff_main.c.

Sorry for the confusion, this was *not* a bug, but intended. append_only is 
for log files, so programs must be able to create the files, but they can 
only append to existing files. For appending you also need WRITE, so both 
changes in the patch are wrong.