| 1 |
staff_r can su with the older NSA released policy and with Richard Cocker's |
| 2 |
policy (I hope I spelled his name correctly). I haven't tried the latest to |
| 3 |
see if the NSA policy has changed this or not |
| 4 |
|
| 5 |
I still use the older policy. If my role is staff_r I can always su. |
| 6 |
|
| 7 |
The older policy dis-allows going directly to staff_r via ssh. A newrole is |
| 8 |
needed. |
| 9 |
|
| 10 |
michael |
| 11 |
On Tue, 13 Jan 2004 08:14:45 -0800 |
| 12 |
Bill McCarty <bmccarty@××××××.net> wrote: |
| 13 |
|
| 14 |
> Oops! I need to post a correction, in case someone accesses this list via |
| 15 |
> the archives. |
| 16 |
> |
| 17 |
> Staff_r does NOT permit running su. I have no idea why I though it did, |
| 18 |
> other than the lateness of the hour at which I was working. I apologize |
| 19 |
> for the list noise and for any possible confusion. |
| 20 |
> |
| 21 |
> Cheers, |
| 22 |
> |
| 23 |
> --------------------------------------------------- |
| 24 |
> Bill McCarty |
| 25 |
> |
| 26 |
> |
| 27 |
> -- |
| 28 |
> gentoo-hardened@g.o mailing list |
| 29 |
|
| 30 |
|
| 31 |
-- |
| 32 |
---- ---- ---- |
| 33 |
Michael Reilly michaelr@×××××.com |
| 34 |
Cisco Systems, Santa Cruz, CA |
| 35 |
|
| 36 |
-- |
| 37 |
gentoo-hardened@g.o mailing list |
Archives