[rsbac] Strange random errors
Amon Ott
ao at rsbac.org
Tue Jul 12 08:41:12 CEST 2005
On Montag 11 Juli 2005 22:13, Rafal Bisingier wrote:
> On Mon, Jul 11, 2005 at 09:07:10PM +0200, Rafal Bisingier wrote:
> > I've downloaded interface.c from RSBAC's svn repository, compiled
and
> > instaled nss_rsbac, but the difference is small. id -G doesn't
crash,
> > but doesn't also work as it should, for eg. when run from root:
> > # id -G
> > 0 1 2 3 4 6 10
> > # id -G root
> > 0
> > So there's only the primary group...
>
> Mea culpa - that was just because I haven't got ACL rights for
groups
> READ. But why then it works for id -G? Why I need this right if I
add
> a name of calling user as a parameter? Anyway this one works.
Each user must be able to read all own groups at login, otherwise you
run into problems. When reading groups of another user, as the
parameter implies, you need rights for the user and each group. This
is not perfect, but gives you some protection.
> > Moreover it does not help at all for the "Memory fault" and
> > "Segmentation fault" errors. :-(
>
> But this is broken down :-(
So other programs still fail. I cannot reproduce that here.
> > How can I help in tracing and finally eliminating this nasty bug?
We need some kind of pattern when and how the programs break.
Everybody: Does someone else experience program crashes when using
RSBAC User Management?
Amon.
--
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22
More information about the rsbac
mailing list