OpenUsePrivilegeSeparation on Compaq V5.1A with C2/SIA Security
Darren Tucker
dtucker at zip.com.au
Sat Dec 21 22:49:31 EST 2002
Chris Adams wrote:
> The problem is that SIA doesn't just want root and a TTY, it also wants
> to be in the user process. It does things like setting resource limits,
> setting the login user (immutable under enhanced security and IIRC audit
> modes), and (IIRC) logging stuff for audit (like the process ID).
Ah, OK. Obviously no amount of futzing around with another process
running as root will help in that case.
Forget I mentioned it.
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
More information about the openssh-unix-dev
mailing list