From: Jesse Pollard <pollard@cats-chateau.net>
Subject: Re: AUTH module - denying CHANGE_OWNER request?
Date: Mon, 3 Jul 2000 21:20:54 -0500
Next Article (by Subject): Re: AUTH module - denying CHANGE_OWNER request? 320081322443-0001@t-online.de (Amon Ott)
Previous Article (by Subject): AUTH module - denying CHANGE_OWNER request? pyromage@pyromage.net
Top of Thread: AUTH module - denying CHANGE_OWNER request? pyromage@pyromage.net
Next in Thread: Re: AUTH module - denying CHANGE_OWNER request? 320081322443-0001@t-online.de (Amon Ott)
Articles sorted by: [Date]
[Author]
[Subject]
On Mon, 03 Jul 2000, 320081322443-0001@t-online.de wrote: >Hello 8-} > >RSBAC is a great patch, but I'm having trouble getting everything to work >correctly. I have the auth module setup, and most of my daemons work fine once >I add the needed capabilities, however some still some problems remain with >some (like /bin/login). It is denied CHANGE_OWNER request (to root, i >believe), even though I have explicitly given it that capability! The odd >thing is that console logins work fine, but no remote logins are possible! > >Ideas? I may be the wrong source for this but: console logins inherit getty privileges, which inherits from init (getty restarted by init). telnet (I think this is what you are referring to) login inherits from telnetd which inherits from inetd. This is a different chain, and doesn't go back to init. inetd doesn't get restarted by init (inheritance chain broken there). Since I don't have an active RSBAC system yet, I can't give a "do this" solution. -- ------------------------------------------------------------------------- Jesse I Pollard, II Email: pollard@cats-chateau.net Any opinions expressed are solely my own. - To unsubscribe from the rsbac list, send a mail to majordomo@rsbac.org with unsubscribe rsbac as single line in the body.
Next Article (by Subject): Re: AUTH module - denying CHANGE_OWNER request? 320081322443-0001@t-online.de (Amon Ott)
Previous Article (by Subject): AUTH module - denying CHANGE_OWNER request? pyromage@pyromage.net
Top of Thread: AUTH module - denying CHANGE_OWNER request? pyromage@pyromage.net
Next in Thread: Re: AUTH module - denying CHANGE_OWNER request? 320081322443-0001@t-online.de (Amon Ott)
Articles sorted by: [Date]
[Author]
[Subject]