OpenUsePrivilegeSeparation on Compaq V5.1A with C2/SIA Security

Darren Tucker dtucker at zip.com.au
Sat Dec 21 22:49:31 EST 2002


Chris Adams wrote:
> The problem is that SIA doesn't just want root and a TTY, it also wants
> to be in the user process.  It does things like setting resource limits,
> setting the login user (immutable under enhanced security and IIRC audit
> modes), and (IIRC) logging stuff for audit (like the process ID).

Ah, OK. Obviously no amount of futzing around with another process
running as root will help in that case.

Forget I mentioned it.

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.



More information about the openssh-unix-dev mailing list