[rsbac] Trusted Path Execution and scripts
tazok
tazok.id0 at gmail.com
Thu Jul 20 04:09:49 CEST 2006
> To perl and python, making them an unique forced role and revoking all
> execute and read_open privileges to all types not "trusted_scripts" would be
> enough, but in the case of bash you can't do it, first because you can't
> forgive the access to it to anyone because they couldn't even logging into
> the system, you can't forgive the read_open privilege too because it reads
> for the .bashrc file for example, however this users could write scripts and
> launch them without control and this is the question that I can't find one
> solution.
>
> Please, substitute forgive by forbid, it was a mistake
More information about the rsbac
mailing list