[rsbac] Feature request: type_user_owner_def_fd_create after chown
Javier J. Martínez Cabezón
tazok.id0 at gmail.com
Mon Jan 19 20:56:42 CET 2009
And what about TIOCCONS, maybe interesting to control it? I think it
goes through IOCTL right, I think too many users needs IOCTL to tty
dev...
2009/1/19 Amon Ott <ao en rsbac.org>:
> On Sunday 18 January 2009 wrote Javier J. Martínez Cabezón:
>> could close one attack vector from root (for example with TIOCSTI
>> ioctl).
>
> TIOCSTI has its own request type on DEV: SEND
>
> So that attack vector should be no problem, by default it should be denied to
> anyone. What other vectors do you think are there?
>
> Amon.
> --
> http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22
> _______________________________________________
> rsbac mailing list
> rsbac en rsbac.org
> http://www.rsbac.org/mailman/listinfo/rsbac
>
More information about the rsbac
mailing list