permissions in chroot

Issue #29 new
Aaron Bartell created an issue

So far we've been pretty loose on permissions when creating chroot environments - changing ones that are necessary or else things don't work (i.e. .ssh directory).

We create chroot environments with directories/files that mirror what is in base PASE. I am thinking the same should be done with permissions in chroot.

GOAL: Create a shell script that can optionally be invoked to traverse directories in chroot, check permissions of the same directory/file in base PASE, and then chmod the chroot directory/file.

I started digging and found Linux has the stat command but AIX doesn't. AIX has the istat command but PASE doesn't (that I can see).

Before I get too much further into research I wanted to run this idea by you to get a thumbs up and also ask whether there are stat-type commands for PASE I don't know about; or do I need to write a script.
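An added sketch of the script described in the GOAL above (example code, not from the issue or the project): it derives modes from `ls -ld` output, since the issue notes PASE has neither `stat` nor `istat`, reports chroot entries whose mode differs from the base, and can then chmod them. The base path is a parameter (an assumption made here so the script can be tried on a scratch tree; in real use it would be `/`).

```shell
# Added example, not from the issue: mirror base PASE permission bits into a chroot
# using only ls/find/chmod. Base and chroot paths are parameters (assumption).
# Convert an `ls -ld` mode field (e.g. drwxr-sr-x) to 4-digit octal (2755).
mode_to_octal() {
    perm=$(printf '%s' "$1" | cut -c2-10)   # drop type char, ignore ACL '+'
    special=0; digits=""; pos=1
    while [ "$pos" -le 9 ]; do
        r=$(printf '%s' "$perm" | cut -c"$pos")
        w=$(printf '%s' "$perm" | cut -c"$((pos + 1))")
        x=$(printf '%s' "$perm" | cut -c"$((pos + 2))")
        d=0
        case $r in r) d=$((d + 4)) ;; esac
        case $w in w) d=$((d + 2)) ;; esac
        case $x in x|s|t) d=$((d + 1)) ;; esac      # lowercase = exec bit set
        case $x in                                  # setuid/setgid/sticky flags
            s|S) if [ "$pos" -eq 1 ]; then special=$((special + 4)); else special=$((special + 2)); fi ;;
            t|T) special=$((special + 1)) ;;
        esac
        digits="$digits$d"
        pos=$((pos + 3))
    done
    printf '%s%s\n' "$special" "$digits"
}
# First field of `ls -ld`, the mode string; works for files and directories.
mode_of() {
    set -- $(ls -ld "$1")
    printf '%s\n' "$1"
}
# Print "<chroot mode> <base mode> <relative path>" for every non-symlink entry
# under $2 whose mode differs from the same path under $1 (dry run, no changes).
perm_diff() {
    base=${1%/}; jail=${2%/}
    find "$jail" ! -type l -print | while read -r path; do
        rel=${path#"$jail"}
        [ -n "$rel" ] || continue                  # skip the chroot root itself
        [ -e "$base$rel" ] || continue             # nothing in base to mirror
        cm=$(mode_to_octal "$(mode_of "$path")")
        bm=$(mode_to_octal "$(mode_of "$base$rel")")
        [ "$cm" = "$bm" ] || printf '%s %s %s\n' "$cm" "$bm" "$rel"
    done
}
# Apply the base mode to each mismatching chroot entry reported by perm_diff.
apply_perms() {
    perm_diff "$1" "$2" | while read -r cm bm rel; do
        chmod "$bm" "${2%/}$rel"
    done
}
```

Run `perm_diff / /path/to/chroot` first to review the list before `apply_perms`; the same report is useful if the decision is to tighten the chroot rather than mirror base PASE.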

Comments (2)

  1. Former user Account Deleted

    So, two schools of thought.

    1. a complete PASE chroot for multiple users -- permissions company of guys
    2. a sandbox for Bob to keep him safe -- permissions just Bob (no one else)

    In both cases, i am inclined to think that security is tighter than the original PASE.

    1. multiple users -- crtautl -- authorization list for only guys in company
    2. just Bob -- chroot -R bob . -- just Bob (the-great-one-and-only)

    So, no, i do not think exact matching PASE is all that and a box of cookies (*).

    (*) Of course, security, similar to election politics, has many candidates with different views ( cough ... loud views).

  2. Former user Account Deleted

    Well, as you can see, i don't like the idea of matching PASE in the chroot locations.

    Your question about stat ... no, grasshopper. To wit, when you consider a technology like recommended crtautl authorization list(s), a Unix-centric stat seems mickey mouse (*).

    (*) repeat -- Of course, security, similar to election politics, has many candidates with different views ( cough ... loud views).
