From: ao@morpork.shnet.org (A. Ott)
Subject: Serious bug in MAC
Date: 24 Feb 2000 11:08:00 +0100
Next Article (by Subject): Solution for inheritance prob with 2.4.0 kernels Amon Ott
Previous Article (by Subject): rsbac.org and 1.0.9b-pre7 ao@morpork.shnet.org (A. Ott)
Articles sorted by: [Date]
[Author]
[Subject]
Hi all! Due to an old bug, any user can change the mac_trusted_for_user entry for files. This entry allows to turn off *-property checking, if the file is executed. This bug is serious for MAC! Please apply the following patch to rsbac/adf/mac/mac_main.c: Amon. --- mac_main.c~ Tue Feb 22 15:30:36 2000 +++ mac_main.c Thu Feb 24 10:55:42 2000 @@ -1500,6 +1500,7 @@ case A_max_read_categories: case A_mac_auto: case A_mac_trusted: + case A_mac_trusted_for_user: case A_mac_check: case A_log_array_low: case A_log_array_high: @@ -1737,6 +1738,7 @@ case A_max_read_open: case A_mac_auto: case A_mac_trusted: + case A_mac_trusted_for_user: case A_mac_check: case A_log_array_low: case A_log_array_high: -- ## CrossPoint v3.11 ## - To unsubscribe from the rsbac list, send a mail to majordomo@morpork.shnet.org with unsubscribe rsbac as single line in the body.
Next Article (by Subject): Solution for inheritance prob with 2.4.0 kernels Amon Ott
Previous Article (by Subject): rsbac.org and 1.0.9b-pre7 ao@morpork.shnet.org (A. Ott)
Articles sorted by: [Date]
[Author]
[Subject]