[rsbac] Problem with RSBAC 1.2.4 pre3 and Kernel 2.4.27
Patrique Wolfrum
Patrique.Wolfrum at vwl.uni-freiburg.de
Mon Dec 20 16:00:43 CET 2004
Hello,
>>>>rsbac_adf_request(): request MODIFY_SYSTEM_DATA, pid 1645, ppid 1628, prog_name bash, uid 0, audit_uid, target type PROCESS, tid
>>>>1645, attr kernel_thread, value 0, result NOT_GRANTED by ACL
>>>>
>>>>
>>>This is setting the priority of a process. You can grant this right
>>>without problems.
>>>
>>>
>>>
>>>
>>I tried to find this setting, but I could't find it. Could you please give me hint where to look it ?
>>
>>
>
>Try
>rsbac_acl_menu PROCESS :DEFAULT:
>then select Group everyone and add the right - if you cannot see it
>there, you found a bug.
>
>
I tried that, and I only see the following items:
CHANGE_GROUP
CHANGE_OWNER
CLONE
CREATE
GET_STATUS_DATA
MODIFY_ATTRIBUTE
SEND_SIGNAL
TERMINATE
TRACE
CHANGE_DAC_EFF_OWNER
CHANGE_DAC_FS_OWNER
FORWARD
ACCESS_CONTROL
SUPERVISOR
Is it one of these ?
>Ouch, the rc_set_item help is wrong. The correct value is 4294967294
>or -2. The special values have changed long ago, somehow the help
>survived with old values. Here the menu would have used the correct
>values.
>
>
Thank you very much. That did it ;-).
With best regards.
Patrique Wolfrum
--
Patrique Wolfrum
Administrator - Fakultätsserver
Albert-Ludwigs-Universität Freiburg im Breisgau
Institut für allgemeine Wirtschaftsforschung
Abteilung für Wirtschaftsinformatik
Kollegiengebäude II
Platz der Alten Synagoge
79085 Freiburg
Tel.: 0761 - 203-2397
More information about the rsbac
mailing list