[grsec] effective dual roles / suggested enhancements
Brad Spengler
spender at grsecurity.net
Wed Jan 12 10:05:03 EST 2005
> Does this exclude domains or is that part of the code parsed by an
> expanded domain list of users?
>
> ie can we write:
>
> domain spender u brad1 brad2
> subject /bin/blah
> ...
> $HOME/.bash_history ra
>
> and have it expanded to /home/brad1 for user brad1 and /home/brad2 for
> user brad2?
It should work on user domains, yes.
> BTW Did you ever implement continuation lines for domains? A domain with
> many users/groups is rather difficult to read in simple editors like vi or
> pico and definately if the policy is printed out.
I'll add that today.
-Brad
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://grsecurity.net/pipermail/grsecurity/attachments/20050112/df231d7b/attachment.pgp
More information about the grsecurity
mailing list