From: Amon Ott <ao@rsbac.org>
Subject: Re: Roles question
Date: Tue, 31 Jul 2001 18:50:22 +0200
Next Article (by Date): Planning v1.2.0 - update2 Amon Ott
Previous Article (by Date): Re: Roles question steve
Top of Thread: Roles question steve
Articles sorted by: [Date]
[Author]
[Subject]
On Die, 31 Jul 2001 steve wrote: > Ahhh... I think I'm beginning to see the light on how this is supposed > to work. > > Now, it says it can't READ_OPEN the library in question. So, in order > to give qmail-qstat read access to the system libraries without giving > it read access to the rest of the files on the system, I should create > and FD type for libraries, and assign that FD type to /lib and /usr/lib > leaving the files in those directories to "inherit" their FD from their > parent. Then, give role 3 READ_OPEN access to that FD type. > > Am I on the right path here? This is absolutely the right direction. You will have to set the type on single files and subdirs, though, because there are subdirs below /lib and /usr/lib containing non-libs. :( Amon. - To unsubscribe from the rsbac list, send a mail to majordomo@rsbac.org with unsubscribe rsbac as single line in the body.
Next Article (by Date): Planning v1.2.0 - update2 Amon Ott
Previous Article (by Date): Re: Roles question steve
Top of Thread: Roles question steve
Articles sorted by: [Date]
[Author]
[Subject]