On Thu, 24 Jan 2002, Stephen Smalley wrote: > > > On Thu, 24 Jan 2002 jmjonesat_private wrote: > > > Wouldn't it be useful for a userspace application that is > > setuid root to be able to bypass the module's checks. > > Useful for people who want to break into your systems, yes. One of the > problems with existing Unix systems is that you only need to find a single > setuid root program or root daemon that has a flaw, and you can take > control of the entire system. Um, respectfully, I might disagree. What I'm looking for is a way to install a product on the system that works, rather than a way to bypass security. Perhaps a small application that ASKS for such a access, or a way for the install code to similarly ask and answer. If this is well beyond the concept of "security", I understand, but this is the way that INSTALL scripts have worked in the pass. I'm looking for a new way to do the same thing. Sincerely, J. Melvin Jones |>------------------------------------------------------ || J. MELVIN JONES jmjonesat_private |>------------------------------------------------------ || Microcomputer Systems Consultant || Software Developer || Web Site Design, Hosting, and Administration || Network and Systems Administration |>------------------------------------------------------ || http://www.jmjones.com/ |>------------------------------------------------------ _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Thu Jan 24 2002 - 13:26:30 PST