From: Amon Ott <ao@rsbac.org>
Subject: Re: something about INIT too.
Date: Mon, 12 Mar 2001 17:19:39 +0100
Next Article (by Date): kernel oops 2.4.2+raid+smp+pre5 Bencsath Boldizsar
Previous Article (by Date): Re: Forwarded mail.... Amon Ott
Top of Thread: something about INIT too. "hollace leon"
Articles sorted by: [Date]
[Author]
[Subject]
On Mon, 12 Mär 2001 hollace leon wrote:
> I am testing RSBAC-v1.1.0.
> I found something:
>
> process name: max_read_open min_write_open mac_trusted
> --------------------------------------------------------------------------------------------------------
> init 0 0 0
> kflushd 0 252 1
> kswapd 0 252 1
> ...... .. .. ..
>
> why is init different from other daemons??
> I found in aci_data_structures.h that
> DEFAULT_INIT_P_ACI={
> ...
> 252 /* min_write_open */
> ....
> TRUE /* mac_trusted */
> ...
> }
The init process executes the program init and thus looses its trusted flag.
When this program writes to objects on level 0, min_write_open is set to 0.
If you need init as trusted, you can set mac_trusted_for_user to 0 or <all> for
/sbin/init (or where your init program is).
Amon.
-
To unsubscribe from the rsbac list, send a mail to
majordomo@rsbac.org with
unsubscribe rsbac
as single line in the body.
Next Article (by Date): kernel oops 2.4.2+raid+smp+pre5 Bencsath Boldizsar
Previous Article (by Date): Re: Forwarded mail.... Amon Ott
Top of Thread: something about INIT too. "hollace leon"
Articles sorted by: [Date]
[Author]
[Subject]