From owner-freebsd-hackers@FreeBSD.ORG Sun Aug 21 15:34:36 2005 Return-Path: X-Original-To: freebsd-hackers@freebsd.org Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1CB3816A41F for ; Sun, 21 Aug 2005 15:34:36 +0000 (GMT) (envelope-from rwatson@FreeBSD.org) Received: from cyrus.watson.org (cyrus.watson.org [204.156.12.53]) by mx1.FreeBSD.org (Postfix) with ESMTP id D035243D48 for ; Sun, 21 Aug 2005 15:34:35 +0000 (GMT) (envelope-from rwatson@FreeBSD.org) Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by cyrus.watson.org (Postfix) with ESMTP id 04AAA46B4B; Sun, 21 Aug 2005 11:34:25 -0400 (EDT) Date: Sun, 21 Aug 2005 16:39:24 +0100 (BST) From: Robert Watson X-X-Sender: robert@fledge.watson.org To: Michael In-Reply-To: <43087A39.7000106@onet.ru> Message-ID: <20050821163830.D44147@fledge.watson.org> References: <43087A39.7000106@onet.ru> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: freebsd-hackers@freebsd.org Subject: Re: MAC Biba policy. High marked process can't write to high marked file. X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 21 Aug 2005 15:34:36 -0000 On Sun, 21 Aug 2005, Michael wrote: > %setpmac biba/high echo 1 >> test # bah! > test: Permission denied. Remember that the '>>' is evaluated in the parent shell context, not the execution context set up by setpmac. Try doing "setpmac biba/high csh" and see how that changes the results when you run the complete command in that context? Robert N M Watson