[rsbac] FF Module (no execute)

Amon Ott ao at rsbac.org
Wed Apr 1 08:24:34 CEST 2020


On 31.03.20 at 23:29, Ahmed Alzhrani wrote:
> First of all, I would like to thank everyone for your support. I really appreciate it.
> I am currently testing the no_execute flag (FF module) and found out that when I run executable files as follows:
> ./script.sh or: ./script.py
> I get the result NOT_GRANTED by FF (which is the expected behavior). However, when I prefix the python script as follows:
> python3 ./script.py
> The file executes normally; thus the policy is not applied, as I see no log for it. I am trying to understand why this is the case.

The executed file in this case is python3, not your script. From RSBAC's
perspective, python3 only reads the script file. There is no way for
RSBAC to know what python3 does with it internally.

Amon.
-- 
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22
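
The distinction described in the reply above, as an added example that is not part of the original message: the ordinary Unix execute permission stands in for the FF no_execute flag (an assumption made so the demo runs without RSBAC), and the script name and function names are hypothetical.

```shell
#!/bin/sh
# Constructed demo. Clearing the mode x-bits stands in for FF no_execute;
# this is not RSBAC itself, only the same exec-versus-read distinction.

demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT

script="$demo_dir/script.sh"
printf '#!/bin/sh\necho ran\n' > "$script"
chmod a-x "$script"            # "no execute" on the script file

# Case 1: the script itself is the file handed to the kernel for execution,
# so the execute check is made against the script and fails.
direct_exec() {
    "$script" >/dev/null 2>&1
}

# Case 2: the file being executed is the interpreter. The script is only
# opened and read by it, so no execute check is ever made on the script.
via_interpreter() {
    sh "$script"
}

if direct_exec; then
    echo "direct:          executed"
else
    echo "direct:          denied"
fi
echo "via interpreter: $(via_interpreter)"
```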

