[rsbac] ssh rc-role

jens jens at igraltist.dyndns.org
Tue Aug 15 19:58:11 CEST 2006

hi liste
i have a problem with my ssh.
the follow situation i have.
i give the sshd a initial rc-role and force role. 
now when i will offer  the root password for the ssh access i get the the 
ssh-force-rc-role has access to the directory /security for manage the rsbac 
over ssh. now the same ssh-force-rc-role give the root-user the entry.
and the root user get all rights for the /security directory  like the 
security-user. and this directory is the only where i give the 
ssh-force-rc-role acces to write etc. . now the root-user which come with the 
ssh-force-rc-role into  the system get also all this rights there.
there the rc-type not differ betwen the users, because the ssh-force-role ask 
for access.
for this situation i need an other model to protect this directory.
there is no problem if i do with direct keyboard access to the machine, 
because then the rc-role 2 has no access the the rc-type from /security.
but when i will do over ssh is it a problem.

More information about the rsbac mailing list