[rsbac] log msg
Amon Ott
ao at rsbac.org
Wed May 4 10:38:08 CEST 2005
On Mittwoch 04 Mai 2005 10:08, Andrea Pasquinucci wrote:
> I found this message in my log and I would like to unserstand what
it
> means (i.e. the 'UNDEFINED'), and if the related request has been
denied
> or accepted.
>
> kernel: rsbac_adf_request(): request CHANGE_DAC_FS_GROUP, pid 3717,
ppid
> 3674, prog_name su, prog_file /bin/su, uid 500, audit_uid 500,
> target_type PROCESS, tid 3717, attr owner, value 0, result UNDEFINED
by
> ADF
The combination of request and target type is invalid and thus has
been rejected by ADF. Access has not been granted.
There is a small bug in rsbac/adf/adf_check.c: The #ifdef is wrong.
You probably have DAC owner check disabled, but DAC group check
enabled.
Bugfix is attached.
Amon.
--
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22
-------------- nächster Teil --------------
Ein Dateianhang mit Bin?rdaten wurde abgetrennt...
Dateiname : dac_group_fix.diff
Dateityp : text/x-diff
Dateigr??e : 504 bytes
Beschreibung: nicht verf?gbar
URL : http://rsbac.dyndns.org/pipermail/rsbac/attachments/20050504/bba3285c/dac_group_fix.bin
More information about the rsbac
mailing list