[rsbac] rc-role
jens
jens at igraltist.dyndns.org
Mon Aug 28 13:46:59 CEST 2006
hi,
i had done some test, and it was to set an all main directorys and files a
rc-type. then after this i setup for all binaries in /bin /sbin /user/bin
and /usr/sbin a initial- and force-role.
when my setup was finish i turn off softmode global. then i login and can do
with the root-uer wich has the rc-role 2 all like before.
the rc-role 2 has no create rights, and also not other rights for the rc-type
on /var, but was able to do mkdir on it.
i also can build a kernel and get no entry in the security-log.
bevor when i only have used the rc-types, the rc-role 2 can not go
to /usr/src.
igraltist
More information about the rsbac
mailing list