search for: vaccess

On a FreeBSD 5.0 the behaviour of screen when connecting to other users sessions have changed. Previously: 1. login as userA start a screen as userA and disconnect 2. login as root su - userA "screen -r" 3. result failure as userA cant access the ttyX with such a message Current: 1. login as userA start a screen as userA and disconnect 2. login as root su - userA "screen -r" 3.

...changed "type" constants, in order to preserve backwards compatibility with older libc. VOP_SETACL, VOP_GETACL and VOP_ACLCHECK interface remains the same, except for modified "struct acl". VOP_ACCESS changed a little - second argument was changed from "int" to "vaccess_t"; there should be no functional changes related to that. There are differences related to permissions granularity; as long as VOP_ACCESS implementation simply passes the "a_mode" parameter to the proper vaccess(9) routine, there should be no difference in behaviour. Adding granul...

Hi. I've no response from so@ in this topic, probably because leak of time, so I'll try here. Here is a patch that I'm planing to commit: http://people.freebsd.org/~pjd/patches/restricted_hardlinks.patch It adds two new sysctls: security.bsd.hardlink_check_uid security.bsd.hardlink_check_gid If sysctl security.bsd.hardlink_check_uid is set to 1, unprivileged users are not

Hey everyone, I'm hoping someone can point me in the right direction. I'm running a 6.1 box with mac_bsdextended compiled. I've created my ugidfw rules, and all seems well in the universe. I've got rules set up so the web process uid 80 and gid 80 can only read uid 1010 and gid 1010 owned files. When the web server tries to do something else, it throws an error such as: