I think you'll need to allow stat permission too - say "rxs" not
just "rx".
You may also want to think about what this rule does to /tmp.
David.
Works fine in this way, thanks.
Cheers,
Gábor Kövesdán
___
freebsd-stable@freebsd.org maili
On Mon, Jun 27, 2005 at 10:45:35AM +0200, K?vesd?n G?bor wrote:
> Hello,
>
> I try to make a bsdextended mac policy and when I add the following
> rule, I can't login with a simple user:
>
> ugidfw add subject not uid root object uid root mode rx
I think you'll need to allow stat permission too
Hello,
I try to make a bsdextended mac policy and when I add the following
rule, I can't login with a simple user:
ugidfw add subject not uid root object uid root mode rx
This rule is for protecting root's files from others in any case.
And I've got the following message:
/libexec/ld-els.so.
