[rsbac] Process targets behaving strangely

Evan Speltz saturn at nameless.mine.nu
Fri Sep 8 23:45:23 CEST 2006

I have a role with def_process_create_type and def_process_execute_type
set to a type which is not 0. However when I try to run a program in
this role, I get this message:

rsbac_adf_request(): request MODIFY_SYSTEM_DATA, pid 9106, ppid 6995,
prog_name bash, prog_file /bin/bash, uid 1001, remote ip,
target_type PROCESS, tid 9106, attr none, value none, result NOT_GRANTED
by RC

The only way to make it work is to allow MODIFY_SYSTEM_DATA for process
type 0, even though none of processes in question are of type 0 (I have
checked to make sure of that). What is happening?

More information about the rsbac mailing list