1 |
staff_r can su with the older NSA released policy and with Richard Cocker's |
2 |
policy (I hope I spelled his name correctly). I haven't tried the latest to |
3 |
see if the NSA policy has changed this or not |
4 |
|
5 |
I still use the older policy. If my role is staff_r I can always su. |
6 |
|
7 |
The older policy dis-allows going directly to staff_r via ssh. A newrole is |
8 |
needed. |
9 |
|
10 |
michael |
11 |
On Tue, 13 Jan 2004 08:14:45 -0800 |
12 |
Bill McCarty <bmccarty@××××××.net> wrote: |
13 |
|
14 |
> Oops! I need to post a correction, in case someone accesses this list via |
15 |
> the archives. |
16 |
> |
17 |
> Staff_r does NOT permit running su. I have no idea why I though it did, |
18 |
> other than the lateness of the hour at which I was working. I apologize |
19 |
> for the list noise and for any possible confusion. |
20 |
> |
21 |
> Cheers, |
22 |
> |
23 |
> --------------------------------------------------- |
24 |
> Bill McCarty |
25 |
> |
26 |
> |
27 |
> -- |
28 |
> gentoo-hardened@g.o mailing list |
29 |
|
30 |
|
31 |
-- |
32 |
---- ---- ---- |
33 |
Michael Reilly michaelr@×××××.com |
34 |
Cisco Systems, Santa Cruz, CA |
35 |
|
36 |
-- |
37 |
gentoo-hardened@g.o mailing list |