Valid on UNIX
Symptom:
I created a rule that has a default access authority of none for the /etc/passwd and /etc/group files, but I still have read access to these files.
Solution:
By default, the CA ControlMinder authorization engine bypasses read access checks for the /etc/passwd and /etc/group system files. To stop CA ControlMinder bypassing read access checks for system files, change the value of bypass_system_files in the [seosd] section of the seos.ini file to no.
Important! If you stop CA ControlMinder bypassing read access checks for system files, verify that correct authorizations are in place. If you do not set the correct authorizations and bypass read access checks, users including CA ControlMinder administrations and the root user may not be to access the system, and critical system processes may fail.
Copyright © 2013 CA Technologies.
All rights reserved.
|
|