grsecurity forums

Skip to content

RBAC auto-role question

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.
Topic locked

RBAC auto-role question

Postby Kyoshiro » Mon Aug 16, 2004 9:33 am

I made a special role which default subject allows access to standard /etc and /proc files to increase ACL's lisibility and reduce reddundancy in each process (/etc/localtime, /etc/ld.so.cache, ....). I want some process to be auto-granted that specific role...

I was wondering how I could auto assign a special role when a program (identified by its path) is launched. Any idea ?
Kyoshiro
 
Posts: 20
Joined: Thu Aug 12, 2004 5:45 pm
Top

Postby spender » Fri Aug 20, 2004 10:16 am

Make it a role that doesn't require authentication, and make some wrapper program that execs gradm -n <rolename>, which will automatically switch to the special role.

-Brad
spender
 
Posts: 2185
Joined: Wed Feb 20, 2002 8:00 pm
Top

Postby Kyoshiro » Mon Aug 23, 2004 12:01 pm

Ok thanks
Kyoshiro
 
Posts: 20
Joined: Thu Aug 12, 2004 5:45 pm
Top
Topic locked

Return to grsecurity support

Powered by phpBB® Forum Software © phpBB Group