[rsbac] Feature request: type_user_owner_def_fd_create after chown

Javier J. Martínez Cabezón tazok.id0 at gmail.com
Sun Jan 18 18:41:32 CET 2009


I think we do not have this functionality. When you log in with
login or over ssh, the terminal (tty or pty) gets a change_owner to the
user (the permissions are changed to prevent other users from sniffing
the terminal, but root is not restricted). The problem is that the fd's
rc_type and the dev's rc_type do not change. With static devices the
device is not created, only chowned. If we could change this
rc_dev_type (better than rc_fd_type) to one owned only by the user, we
could close one attack vector from root (for example, with the TIOCSTI
ioctl).

So far I have only been able to give tty5 and tty6 a different DEV
type (security device) that only secoff has rights to, and to assign
tty4 to the role updater_r with a new dev type and fd_type
updater_device (the only one that could install binaries and update
the system). However, this is not useful for ssh logins and is not very
flexible.

What do you think? Is it a good idea? Could it be implemented?

If devices are created on the fly (udev?), it could be useful to have
the option to assign them to the user owner after chown (something like:
def_fd_create_ind_type my_fd_devdir_type  use_def_user_after_chown).

