[rsbac] CLOSE request not checked in RC
Javier J. Martínez Cabezón
tazok.id0 at gmail.com
Tue Jan 20 01:02:53 CET 2009
And if added one #If define ((CONFIG_RSBAC_RC_CHECK_CLOSE) that if
defined get all checks made returning DON'T CARE if not?. You could
put in the help that CLOSE should always get granted to avoid bad
software behaviour. At this way not behaviour is changed,
CONFIG_RSBAC_RC_CHECK_CLOSE could be put as highly experimental. To
avoid that users turn it on by unknown, you could make that it depend
for example of CONFIG_RSBAC_RC_ENABLE_DANGEROUS_CHECKS and only permit
turn on CONFIG_RSBAC_RC_CHECK_CLOSE if switched on. With this not
significant changes are done in the default behaviour. What do you
think?
2009/1/19 Amon Ott <ao en rsbac.org>:
> On Sunday 18 January 2009 wrote Javier J. Martínez Cabezón:
>> Hi, in rc_main.c in svn code CLOSE request is not checked at all
>> (always returns DON'T CARE) is this right?. Could not exist cases in
>> which an owner want that one object still opened?. Is this behaviour
>> right?
>
> Yes, I understand that it could be useful. However, many programs I have seen
> expect close to never fail and can break, if it does. So I have done this
> compromize - you will see it in the log, but it still works.
>
> If you (and others?) convince me, we can change that behaviour to really deny
> close access.
>
> Amon.
> --
> http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22
> _______________________________________________
> rsbac mailing list
> rsbac en rsbac.org
> http://www.rsbac.org/mailman/listinfo/rsbac
>
More information about the rsbac
mailing list