Válasz: Re: [rsbac] rsbac_rc_get_item () returned error -1009! rsbac thread pid 4294967295 ?? BUG in attr_set_user

[Amon Ott]

On Dienstag, 20. Januar 2004 11:52, Amon Ott wrote:
> On Montag, 19. Januar 2004 14:47, Chirag Pandya wrote:
> > > > attr_set_user -V 66050 remotecopy rc_def_role
> > > 20185
> > > > although there was no remotecopy user on the
> > > system. Unfortunately it
> > > > didn't say "There is no user" or some similar
> > > error message instead it
> > > > applied it to user 0 !!!!
> > > 
> > > This is really bad - I thought I had fixed it
> > > already. Will be corrected soon.
> > 
> > Similar problems also exist in the attr_set_file_dir
> > call,
> > For example, as secoff, if I type
> > attr_set_file_dir MAC FILE <some_program>
> > mac_trusted_for_user <some__user_name xxx>
> > 
> > The attribute gets applied to user "root".  It doesn't
> > matter if "xxx" exists or not.
> > UID's work fine.
> 
> OK, will fix that, too.

I believe to have fixed all such cases in my code tree now.

There was a logical error in the previous code, which accepted the 0 value 
instead of exiting with an error. Additionally, some places missed the code 
altogether. Somehow I never happended to run into the problem myself, until 
just after you reported the problem.

Now there is a separate function rsbac_get_uid, which takes proper care of all 
cases (and which is also smaller and faster :).

Amon.
-- 
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22