Válasz: Re: Válasz: Re: [rsbac] Boot Role question
gabor.horvath at konicaminolta.hu
gabor.horvath at konicaminolta.hu
Fri Apr 7 10:21:26 CEST 2006
OK, and what about getty (mgetty)? Isn't it dangerous having the terminals
run by Boot Role? Though I know if so logs in than s/he switches to
security officer role.
Thank you.
Gábor Horváth
mailto:gabor.horvath at konicaminolta.hu
Amon Ott <ao at rsbac.org>
Feladó: rsbac-bounces at rsbac.org
2006.04.07 10:17
Kérem, válaszoljon ennek a személynek: RSBAC Discussion and Announcements
Címzett: RSBAC Discussion and Announcements
<rsbac at rsbac.org>
Másolat:
Tárgy: Re: Válasz: Re: [rsbac] Boot Role question
On Freitag 07 April 2006 10:09, gabor.horvath at konicaminolta.hu wrote:
> Thank you, that's very good. Though I thought forcing a role to e.g.
rcS
> is inefficient 'cause only binaries can change their role not
scripts. Or
> did I miss something?
rcS is started with exec, so the force role works fine. And all
daemons get started by this script or by rc, so they get the role,
too.
Some distros source init scripts, so the force role does not work for
them. I changed them to real exec here. A bit slower, but more
secure.
Amon.
--
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22
_______________________________________________
rsbac mailing list
rsbac at rsbac.org
http://www.rsbac.org/mailman/listinfo/rsbac
More information about the rsbac
mailing list