Date: Mon, 27 Jun 2005 10:44:25 +0100 From: David Malone <dwmalone@maths.tcd.ie> To: K?vesd?n G?bor <gabor.kovesdan@t-hosting.hu> Cc: freebsd-stable@freebsd.org, freebsd-questions@freebsd.org Subject: Re: bsdextended mac module question Message-ID: <20050627094425.GA80771@walton.maths.tcd.ie> In-Reply-To: <42BFBCAF.9040001@t-hosting.hu> References: <42BFBCAF.9040001@t-hosting.hu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Jun 27, 2005 at 10:45:35AM +0200, K?vesd?n G?bor wrote: > Hello, > > I try to make a bsdextended mac policy and when I add the following > rule, I can't login with a simple user: > > ugidfw add subject not uid root object uid root mode rx I think you'll need to allow stat permission too - say "rxs" not just "rx". You may also want to think about what this rule does to /tmp. David.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050627094425.GA80771>