access control by name, not inode


From: Arkady A Drovosekov <drawa@suct.uu.ru>
Subject: access control by name, not inode
Date: Mon, 10 Dec 2001 18:29:36 +0500

Next Article (by Author): Re: bind 9.1.3-3 and RC roles problem Arkady A Drovosekov
Previous Article (by Author): Re: Válasz:_Protect_rc_file(s)_from_manual_running Arkady A Drovosekov
Next in Thread: Re: access control by name, not inode Amon Ott
Articles sorted by: [Date] [Author] [Subject]


Hi,
is it possible to control an access by name of entity?
e.g.:
1 - I assign role to file A,
2 - program B (it has rights to do anything with file A) deletes this file
3 - program B create file with the same name A
4 - at this point it seems file A has no assigned role

passwd - such evil program ;-) , at least when you change password and shadow
file (the victim) is used
-- 
Best regards,
Arkady
-
To unsubscribe from the rsbac list, send a mail to
majordomo@rsbac.org with
unsubscribe rsbac
as single line in the body.

Next Article (by Author): Re: bind 9.1.3-3 and RC roles problem Arkady A Drovosekov
Previous Article (by Author): Re: Válasz:_Protect_rc_file(s)_from_manual_running Arkady A Drovosekov
Next in Thread: Re: access control by name, not inode Amon Ott
Articles sorted by: [Date] [Author] [Subject]


Go to Compuniverse LWGate Home Page.