[rsbac] SERACH request on DEV target
Amon Ott
ao at rsbac.org
Fri Sep 19 11:31:31 CEST 2008
On Thursday 18 September 2008 21:06, Orosz Tamás wrote:
> I got an error message, when I try to run my own sh script. This
> script uses some commands, for example "find". The error message
> is:
>
> 0000012064|check_comp_rc(): pid 465296960 (find), owner 65534,
> rc_role 0, DEV rc_type 0, request SEARCH -> NOT_GRANTED!
> <6>0000012065|rsbac_adf_request(): request SEARCH, pid 3764, ppid
> 3763, prog_name find, prog_file /usr/bin/find, uid 65534, audit uid
> 400, target_type DEV, tid block 07:05, attr none, value none,
> result NOT_GRANTED by RC ACL
>
> Now, my problem is, I did not found SEARCH request on DEV targets,
> so I can not allow this request. I really need to allow this
> process to collect data correctly, but RC and ACL blocks it. Do you
> have any idea?
>
> I'm running RSBAC 1.3.8 with pre-patched kernel 2.6.24.3.
This is a bug in the filesystem object hiding code. It has been fixed
in svn some time ago, but for now you should probably turn that
feature off.
Amon.
--
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22
More information about the rsbac
mailing list