[prev in list] [next in list] [prev in thread] [next in thread]
List: rsbac
Subject: [rsbac] linux_dac_disable
From: Andrea Pasquinucci <cesare () ucci ! it>
Date: 2005-09-15 8:17:52
Message-ID: 20050915081752.GB5063 () old ! at ! home
[Download RAW message or body]
[Attachment #2 (multipart/signed)]
Hi, another little question.
I would like to use the linux_dac_disable feature but linked to Roles
and Files. From what I understood, linux_dac_disable is a property only
of the filesystem, i.e. if I disable DAC on a directory tree, this is
valid for all Roles.
What instead I would like is a simple way of disabling DAC only for one
Role on a directory tree, like for example something as:
DAC is disabled on DIR for ROLE
to which of course I would add a rule like 'ROLE has rights xxx on DIR'.
If this is going to be impossible, of course I will have to disabled DAC
on a directory for everyone and give to each Role the appropriate rights
on that directory.
PS. Running in SOFTMODE linux_dac_disable is turned off, right? That is
in SOFTMODE DAC is _always_ enforced.
--
Andrea Pasquinucci cesare@ucci.it
PGP key: http://www.ucci.it/ucci_pub_key.asc
fingerprint = 569B 37F6 45A4 1A17 E06F CCBB CB51 2983 6494 0DA2
[Attachment #5 (application/pgp-signature)]
_______________________________________________
rsbac mailing list
rsbac@rsbac.org
http://www.rsbac.org/mailman/listinfo/rsbac
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic