[rsbac] Strange random errors
Amon Ott
ao at rsbac.org
Fri Jun 24 10:57:36 CEST 2005
On Freitag 24 Juni 2005 10:32, Rafal Bisingier wrote:
> I'm using
>
http://fixed.rsbac.mprivacy-update.de/linux-2.6.11-rsbac-v1.2.4-pax-20050613.tar.bz2
> compiled without symlink redirection, but quite offten I obseve
> problems running different programs. There are two type of errors.
First
> ends with plain "memory fault", or "segmetation fault" and a program
Do you use RSBAC User Management?
> crash, the second is: "Inconsistency detected by ld.so: rtld.c:
1075: dl_main:
> Assertion `_rtld_local._dl_rtld_map.l_libname' failed!"
Never seen this message before. Does this also happen with PaX
disabled?
> BTW: I tried to use FF module. I wanted to set execute_only flag
> on some files, but then on every exec I got an error for READ
> request not granted by FF (behaviour of FF module is corect, but why
I
> need read right to just run a progam?)
All scripts first start the interpreter, which then READs the script
to interpret it. execute_only only works for binaries. Please try the
file utility, then you will see how many programs are scripts.
> One more thing with the FF module (make it a feature request):
> I'd like to have FF++ module with rights changed to 2-bits with the
> meaning:
> 0 - no access of this type
> 1 - only this type access
> 2 - inherit this type right
> 3 - grant access of this type
> I think this would make FF module much more usefull. ;-)
> I would do this myself, but my programing skills are too low :-(
> I know there is enough work with 1.2.5 currently, but maybe in 1.2.6
> this could be done... ;-)
Mind making a list of what accesses you would like to see controlled
in this way? Default would be 2 for most rights, root dir default 3.
Amon.
--
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22
-------------- nächster Teil --------------
Ein Dateianhang mit Bin?rdaten wurde abgetrennt...
Dateiname : nicht verf?gbar
Dateityp : application/pgp-signature
Dateigr??e : 189 bytes
Beschreibung: nicht verf?gbar
URL : http://rsbac.dyndns.org/pipermail/rsbac/attachments/20050624/6ae29eab/attachment.bin
More information about the rsbac
mailing list