Re: colorizer and MAC trivial question...


From: Amon Ott <ao@rsbac.org>
Subject: Re: colorizer and MAC trivial question...
Date: Tue, 29 Aug 2000 10:09:31 +0200

Next Article (by Date): Re: MAC trivial question... Fabrice MARIE
Previous Article (by Date): colorizer and MAC trivial question... Fabrice MARIE
Top of Thread: colorizer and MAC trivial question... Fabrice MARIE
Articles sorted by: [Date] [Author] [Subject]


On Die, 29 Aug 2000 Fabrice MARIE wrote:
> I've attached a configuration file for colortail.
> (http://freshmeat.net/projects/colortail/download/colortail-0.3.0.tar.gz)
> This will allow you to colorize some keywords, IP addresses etc ...
> This one colorize as well a couple of rsbac keywords, it becomes more easy to read.
> Enjoy!
> Enhancements of this conf file, etc.. are welcome!!

Interesting. I will have a closer look.
 
> The question of the day will be about MAC.
> I'm having what I think is a trivial problem with MAC.
> As a normal user, I cannot su. The MAC module deny su to change owner from 501 to 0.
> Can anyone explain slowly how can I change this ?

You are not allowed to change owner to an ID, whose security level you do not
dominate. E.g, if 501 has sec_level 0 and root 252, this is not allowed. If 501
also had 252, it would work. Without this restriction, the security
classification could be violated.

You find the code in rsbac/adf/mac/mac_main.c, lines 1109-1134. You could
change the returning of NOT_GRANTED to a warning message.

> MAC is still very problematic for me. I'm still learning slowly :)

I don't use it myself, because it is too restrictive and does not fit well into
the Linux world.

BTW, Stanislav has some patches to make MAC work better under Linux.

Chris, where are your patches?

Amon.
-
To unsubscribe from the rsbac list, send a mail to
majordomo@rsbac.org with
unsubscribe rsbac
as single line in the body.

Next Article (by Date): Re: MAC trivial question... Fabrice MARIE
Previous Article (by Date): colorizer and MAC trivial question... Fabrice MARIE
Top of Thread: colorizer and MAC trivial question... Fabrice MARIE
Articles sorted by: [Date] [Author] [Subject]


Go to Compuniverse LWGate Home Page.