James Walker <jw137282 at sac.sfbay.sun.com> writes:
> 3.4.2 Authorization
> (see http://opensolaris.org/os/community/arc/bestpractices/rbac-intro/
> and
> http://opensolaris.org/os/community/arc/bestpractices/rbac-profiles/
> and
> http://opensolaris.org/os/community/arc/bestpractices/rbac-profiles/
> for details)
> Are there any setuid/setgid privileged binaries in the project?
> [ ] Yes - ARC review required
> [*] No - continue with next section (section 3.4.3)
>
> If yes then are the setuid/setgid privileges handled by the use of
> roles?
> [ ] Yes
> [ ] No - ARC review required
Shouldn't tcpdump be added to the Network Management profile in
/etc/security/exec_attr, just like snoop is?
Rainer
--
-----------------------------------------------------------------------------
Rainer Orth, Faculty of Technology, Bielefeld University
