[rsbac] RSBAC 1.4.0 pre 1 released
kang
kang at rsbac.org
Thu Nov 29 15:51:21 CET 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
frealek wrote:
> Hi,
>
> Are the "usual" tools those from coreutils ? If it's the case,
> there is potentially a problem with the column syntax : chown
> 0:1000 /etc/someapp.conf can be interpreted (default) UID:GID or
> (RSBAC) SET:UID...
>
> Or this special syntax is only compatible with RSBAC admin tools ?
>
> frealek
>
This is only for RSBAC tools.
Other tools uses normal uids, so e.g.:
chown 1000 /etc/someapp.conf
then process bash running as set 0 tries to open it:
its like if the file would belong to user 0:1000
then process jailed bash running as set 1 tries to open it:
its like if the file would belong to user 1:1000 (which maybe has no
rights to read it)
kang
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFHTtHp80VHuunDdyYRCP+XAJ9aNcYeOet02RQVNUUS+yCDF+yJ+gCeO45I
mvpYUVWfdymA6+c7ej1QqqI=
=MTcu
-----END PGP SIGNATURE-----
More information about the rsbac
mailing list