| 1 |
Hello Markus, |
| 2 |
|
| 3 |
On Sat, 27 Sep 2008 15:38:51 +0200 |
| 4 |
Markus Bartl <hardened@××××××××××××××××.de> wrote: |
| 5 |
|
| 6 |
> Hi there. |
| 7 |
> |
| 8 |
> Ive got my SELinux kernel up and running. |
| 9 |
> What im wondering about is that i can restart services without |
| 10 |
> changing to the sysadm_r role. |
| 11 |
> Im logged on as root but root belongs only to staff_r. |
| 12 |
> Do I have to worry about it or is this just as expected? |
| 13 |
> Im new to SELinux. Just dealed with regular hardened stuff so I get |
| 14 |
> lost in the basics i guess. |
| 15 |
|
| 16 |
root being staff_r after logging in is expected. There's no need to |
| 17 |
give it extra priviliges unless root is actually going to do something |
| 18 |
that requires them. In that case root is expected to use newrole to |
| 19 |
change his role to sysadm_r. |
| 20 |
|
| 21 |
regards, |
| 22 |
nixnut |
Archives