[rsbac] Role for initrd(linuxrc) and oops in logs
Amon Ott
ao at rsbac.org
Thu Jul 22 10:14:01 CEST 2004
On Montag, 19. Juli 2004 13:07, Rob See wrote:
> >We might add the role to the process calling rsbac_init(), but this
would
> >not help you in the case of the external rsbac_init program. Maybe also
> >add for its parent process.
> >
> >How is your call chain? linuxrc calling rsbac_init directly?
> >
> I'm using rsbac_delayed_root. linuxrc mounts the root partition.
And this triggers RSBAC init. mount is a subprocess of linuxrc, so by
changing mount's parent process' role, we would have done it.
But this does not work in the case of an rsbac_init call after boot,
because then a user controlled process would get a privileged role.
Does your linuxrc really need a role other than 0? It could start another
script after mounting root, which has an initial role set.
Amon.
--
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22
-------------- nächster Teil --------------
Ein Dateianhang mit Bin?rdaten wurde geschreddert...
Dateiname : nicht verf?gbar
Dateityp : application/pgp-signature
Dateigr??e : 189 bytes
Beschreibung: signature
URL : http://www.rsbac.org/pipermail/rsbac/attachments/20040722/d3e8d931/attachment.bin
More information about the rsbac
mailing list