grsecurity forums


http://forums.grsecurity.net./

2 questions

http://forums.grsecurity.net./viewtopic.php?f=5&t=398

Page 1 of 1

2 questions

PostPosted: Thu Apr 24, 2003 1:45 pm
by superbock
Hi!

First:

Let's say i have this user (xpto) belonging to this group (users).
I also have a user role for xpto and a group role for users.
Is xpto affected by both roles or just the user role?

Second:

Considering this acl:

/usr/bin
/usr/bin/*

A 'ls' on /usr/bin shows lots of symlinks, which obviously don't work, but it shows the "physical" presence of real files. Can this be prevented?

Using 2.0pre3

Thanks in advance

PostPosted: Thu Apr 24, 2003 4:52 pm
by spender
The role lookups first try to find a user role, then a group role, then use the default role. Thus, in your case, it's the user role that matters.

I'm not sure I understand your second question. Do you want to hide what's in /usr/bin?

-Brad

PostPosted: Mon Apr 28, 2003 2:08 pm
by superbock
I gave /usr/bin as an example.

I undestand that symlinks show up if u give read permission for the real file, but i see symlinks that, as far as i can tell, have no relation with files i've given permission to be seen.

PostPosted: Sun May 04, 2003 9:22 pm
by spender
There's a problem with globbing and symlinks. I'm working on fixing it right now.

-Brad

PostPosted: Sun May 04, 2003 9:50 pm
by spender
It's fixed in current CVS. The bug in gradm wasn't present in 1.9.9*. It was a stat/lstat typo.
Thanks for pointing it out

-Brad

PostPosted: Wed May 07, 2003 10:08 am
by superbock
Great!

And it is I who thanks :)
All times are UTC - 5 hours [ DST ]
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/