[rsbac] linux_dac_disable
Andrea Pasquinucci
cesare at ucci.it
Thu Sep 15 10:17:52 CEST 2005
Hi, another little question.
I would like to use the linux_dac_disable feature but linked to Roles
and Files. From what I understood, linux_dac_disable is a property only
of the filesystem, i.e. if I disable DAC on a directory tree, this is
valid for all Roles.
What instead I would like is a simple way of disabling DAC only for one
Role on a directory tree, like for example something as:
DAC is disabled on DIR for ROLE
to which of course I would add a rule like 'ROLE has rights xxx on DIR'.
If this is going to be impossible, of course I will have to disabled DAC
on a directory for everyone and give to each Role the appropriate rights
on that directory.
PS. Running in SOFTMODE linux_dac_disable is turned off, right? That is
in SOFTMODE DAC is _always_ enforced.
--
Andrea Pasquinucci cesare at ucci.it
PGP key: http://www.ucci.it/ucci_pub_key.asc
fingerprint = 569B 37F6 45A4 1A17 E06F CCBB CB51 2983 6494 0DA2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://rsbac.dyndns.org/pipermail/rsbac/attachments/20050915/c7af6fdb/attachment.bin
More information about the rsbac
mailing list