tech-kern archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: /sbin/reboot and secmodel
Brian Buhrow wrote:
Hello. This may miss the point entirely, but don't you do this by
setting the group execute bit on shutdown(8) only, and putting the users
you want to have access to this utility in the appropriate group?
Or, are you trying to eliminate set[GU]id programs entirely from the
system?
Not shutdown(8) as it can be used to do other things, but maybe
reboot(8). Anyway, I'd like to be able to implement this as a secmodel
policy rather than rely on sugid bits. (which, eventually, I'd like to
get rid off, yes ;)
If that's the case, I'm with smb, change the SEC model to allow access to
certain system calls by certain uids, or what ever criteria the sec model
can use, but make the sec model a gate keeper for the system calls.
The secmodel already does that. If you'd call reboot(2) directly, you'd
be granted access to reboot the system (verified). The problem is with
"graceful" rebooting, where reboot(8) is first trying to send a SIGTERM
to all processes, etc.
-e.
Home |
Main Index |
Thread Index |
Old Index