ACL Problem with /bin/sh --> /bin/bash


Postby cco » Mon Jan 12, 2004 5:19 am

I have the following acl error in my log file.

kernel: grsec: denied access to hidden file /bin/bash by (sh:18870) UID(0) EUID(0), parent (cron:31871) UID(0) EUID(0)

The problem is that /bin/sh is a symlink to /bin/bash, and you can't write an ACL rule for a symlink.
Cron has access to /bin rx
And /bin/bash has access to /bin too.

Can somebody help me deal with this loop?
Posts: 1
Joined: Mon Jan 12, 2004 5:11 am

Postby birdo » Thu Jan 15, 2004 3:00 pm

Somehow there is security within symlinks afaik.
A dirty patch would be to copy the file instead of using the symlink :-)
Posts: 1
Joined: Thu Jan 15, 2004 2:57 pm

Postby fwiffo » Sat Mar 13, 2004 5:12 am

No symlinks in grsec's ACL; you'll have to write the rule for the original file the symlink is pointing to (that is, the symlink is treated like the original file and not as a file per se).
Posts: 10
Joined: Fri Mar 12, 2004 6:50 pm
