16 Sep
2004
16 Sep
'04
1:08 p.m.
On Thu, 2004-09-16 at 13:46, Daniel J Walsh wrote:
Problem is sysadm is transitioning to the mount command which is not allowed to write to tty devices. Normal users don't have the problem since they don't transition to mount.
Not sure how to solve.
You can allow mount_t to rw admin_tty_type:chr_file; it isn't the same situation as with a daemon where you want to prevent a compromised daemon from being able to access it.
--
Stephen Smalley sds@epoch.ncsc.mil
National Security Agency