[rsbac] ssh rc-role
Amon Ott
ao at rsbac.org
Thu Aug 24 08:19:07 CEST 2006
On Mittwoch 23 August 2006 19:40, tazok wrote:
> The role_inherit_mixed_up I think is the behaviour by default in the
> RC model (as you can see in their documentation), and probably used
> for all login based programs.
The idea for login or sshd is to have one initial role with minimal
rights and the forced role setting up_mixed (the default). When the
program gets started, it has the initial role. Only after the setuid
(which is controlled by RSBAC) the process gets the user's default
role.
If e.g. sshd gets hacked like it has been before, it either still runs
with the initial role and has minimal rights, or tries to setuid, and
that is restricted through AUTH (and optionally RC, ACL in RSBAC
1.3). So the damage can be minimalized.
Amon.
--
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22
More information about the rsbac
mailing list