Re: RSBAC suggestions / Problems


From: Arkady A Drovosekov <drawa@suct.uu.ru>
Subject: Re: RSBAC suggestions / Problems
Date: Wed, 11 Jul 2001 20:08:14 +0600

Next Article (by Subject): RE: RSBAC suggestions / Problems "Kaladis"
Previous Article (by Subject): Re: RSBAC suggestions / Problems Amon Ott
Top of Thread: RSBAC suggestions / Problems "Kaladis"
Next in Thread: RE: RSBAC suggestions / Problems "Kaladis"
Articles sorted by: [Date] [Author] [Subject]


On Wed, Jul 11, 2001 at 12:37:13PM +0200, Amon Ott wrote:
> How about a solution like this:
> 
> - New CONFIG_RSBAC_ALLOW_DAC_DISABLE kernel config switch
> - DAC is still on by default
> - A kernel parameter and a runtime switch can toggle the check
> - Runtime switch is controlled by a RSBAC request MODIFY_PERMISSIONS_DATA on
> target T_NONE (SCD other in RC and ACL).
> 

> Comments?
1 and 2 - ok,
3 - may be add possibility to enable/disable runtime switching? or is it unnecessary?...
4 - don't know, because lack of experience
-- 
Best regards,
Arkady
-
To unsubscribe from the rsbac list, send a mail to
majordomo@rsbac.org with
unsubscribe rsbac
as single line in the body.

Next Article (by Subject): RE: RSBAC suggestions / Problems "Kaladis"
Previous Article (by Subject): Re: RSBAC suggestions / Problems Amon Ott
Top of Thread: RSBAC suggestions / Problems "Kaladis"
Next in Thread: RE: RSBAC suggestions / Problems "Kaladis"
Articles sorted by: [Date] [Author] [Subject]


Go to Compuniverse LWGate Home Page.