[rsbac] FF Module (no execute)

Jens Kasten jens.kasten at kasten-edv.de
Wed Apr 1 00:10:01 CEST 2020


When you set chmod 644 to the python file, then the filesystem 
permission does not grant it.
When you set chmod 655 to the python file, then the ff permision does 
not grant it.
But in both cases the python interpreter can execute the file.

Am 31.03.2020 23:29, schrieb Ahmed Alzhrani:
> First of all, I would like to thank everyone for your support. I
> really appreciate it.
> I am currently testing the no_execute flag (FF module) and found out
> that when I run executable files as following:
> ./script.shor:./script.py
> I get the result NOT_GRANTED by FF (which is the expected behavior).
> However, when I prefix the python script as following:
> python3 ./script.py
> The file execute normally; thus the policy is not applied as I see no
> log for it. I am trying to understand why is this the case?
> Thank you,Alzhrani
> _______________________________________________
> rsbac mailing list
> rsbac at rsbac.org
> http://www.rsbac.org/mailman/listinfo/rsbac

Mit freundlichen Grüßen
Jens Kasten

More information about the rsbac mailing list