1 |
Hello Markus, |
2 |
|
3 |
On Sat, 27 Sep 2008 15:38:51 +0200 |
4 |
Markus Bartl <hardened@××××××××××××××××.de> wrote: |
5 |
|
6 |
> Hi there. |
7 |
> |
8 |
> Ive got my SELinux kernel up and running. |
9 |
> What im wondering about is that i can restart services without |
10 |
> changing to the sysadm_r role. |
11 |
> Im logged on as root but root belongs only to staff_r. |
12 |
> Do I have to worry about it or is this just as expected? |
13 |
> Im new to SELinux. Just dealed with regular hardened stuff so I get |
14 |
> lost in the basics i guess. |
15 |
|
16 |
root being staff_r after logging in is expected. There's no need to |
17 |
give it extra priviliges unless root is actually going to do something |
18 |
that requires them. In that case root is expected to use newrole to |
19 |
change his role to sysadm_r. |
20 |
|
21 |
regards, |
22 |
nixnut |