Date: Wed, 3 Aug 2005 01:50:15 GMT From: g@vaned.net To: freebsd-doc@FreeBSD.org Subject: Re: docs/84453: bsd_seeotheruids root user exempt from policy Message-ID: <200508030150.j731oFJk014152@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR docs/84453; it has been noted by GNATS. From: g@vaned.net To: Ceri Davies <ceri@submonkey.net> Cc: freebsd-gnats-submit@freebsd.org Subject: Re: docs/84453: bsd_seeotheruids root user exempt from policy Date: Tue, 2 Aug 2005 20:45:02 -0500 On Mon, Aug 01, 2005 at 11:11:37PM +0100, Ceri Davies wrote: > Could the submitter please post the output of "sysctl -a | grep > security.mac" on the affected system? sagan# sysctl -a | grep security.mac security.mac.max_slots: 4 security.mac.enforce_network: 1 security.mac.enforce_pipe: 1 security.mac.enforce_posix_sem: 1 security.mac.enforce_process: 1 security.mac.enforce_vm: 1 security.mac.mmap_revocation: 1 security.mac.mmap_revocation_via_cow: 0 security.mac.enforce_suid: 1 security.mac.enforce_socket: 1 security.mac.enforce_kld: 1 security.mac.enforce_system: 1 security.mac.enforce_sysv_msg: 1 security.mac.enforce_sysv_sem: 1 security.mac.enforce_sysv_shm: 1 security.mac.enforce_fs: 1 security.mac.seeotheruids.specificgid: 0 security.mac.seeotheruids.specificgid_enabled: 0 security.mac.seeotheruids.primarygroup_enabled: 0 security.mac.seeotheruids.enabled: 1 sagan# whoami root sagan# ps aux | grep -v root USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND smmsp 23960 0.0 0.3 3296 2692 ?? Is 8:31PM 0:00.00 sendmail: Queue _dhcp 41957 0.0 0.1 1384 1068 ?? Is 8:32PM 0:00.00 dhclient: bge0 ( user0 52449 0.0 0.3 6076 3116 ?? S 8:40PM 0:00.01 sshd: user0@tty user0 33386 0.0 0.2 2532 2040 v0 I 8:31PM 0:00.06 -zsh (zsh) user0 52459 0.0 0.2 2512 2256 p0 Is 8:40PM 0:00.02 -zsh (zsh)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200508030150.j731oFJk014152>