proc permissions problem

Submit your RBAC policies or suggest policy improvements

proc permissions problem

Postby niz » Mon Jan 27, 2003 4:33 am

I have grsecuritys proc restrictions enabled and I need to read /proc/net/arp file with some program. Can I give permission to read that file with acl to some process?

-niz
niz
 
Posts: 19
Joined: Mon Sep 09, 2002 6:12 am

Postby spender » Mon Jan 27, 2003 8:22 am

No, you can't. The ACL system can never override regular DAC permissions. However, if you had selected the special group option of the /proc restrictions, you could simply place the user who needs to access /proc/net in that group.

-Brad
spender
 
Posts: 2185
Joined: Wed Feb 20, 2002 8:00 pm


Return to RBAC policy development