From: ao@morpork.shnet.org (A. Ott)
Subject: Serious bug in MAC
Date: 24 Feb 2000 11:08:00 +0100
Next Article (by Date): 1.0.9b-pre2 uploaded ao@morpork.shnet.org (A. Ott)
Previous Article (by Date): Re: Non-i386 arch porting / test helper Shaun Savage
Articles sorted by: [Date]
[Author]
[Subject]
Hi all!
Due to an old bug, any user can change the mac_trusted_for_user entry for
files. This entry allows to turn off *-property checking, if the file is
executed. This bug is serious for MAC!
Please apply the following patch to rsbac/adf/mac/mac_main.c:
Amon.
--- mac_main.c~ Tue Feb 22 15:30:36 2000
+++ mac_main.c Thu Feb 24 10:55:42 2000
@@ -1500,6 +1500,7 @@
case A_max_read_categories:
case A_mac_auto:
case A_mac_trusted:
+ case A_mac_trusted_for_user:
case A_mac_check:
case A_log_array_low:
case A_log_array_high:
@@ -1737,6 +1738,7 @@
case A_max_read_open:
case A_mac_auto:
case A_mac_trusted:
+ case A_mac_trusted_for_user:
case A_mac_check:
case A_log_array_low:
case A_log_array_high:
--
## CrossPoint v3.11 ##
-
To unsubscribe from the rsbac list, send a mail to
majordomo@morpork.shnet.org with
unsubscribe rsbac
as single line in the body.
Next Article (by Date): 1.0.9b-pre2 uploaded ao@morpork.shnet.org (A. Ott)
Previous Article (by Date): Re: Non-i386 arch porting / test helper Shaun Savage
Articles sorted by: [Date]
[Author]
[Subject]