RBAC: root with no powers

rocke robertson · ‎08-27-2008

Hello all.

Is there a way to make root powerless using RBAC, as in giving root a role, and a smaller one at that. Sort of like B1 Unix?

Root has the administrator role by default with roleadm list. If I revoke it (assuming I can), will root be powerless? But if I do that, what happens to all the process's that run as root?

TIA

Steven E. Protter · ‎08-27-2008

Shalom,

Take away root powers no.

System can not operate without root powers.

As applications go, I refused delivery on a version of cyborg once because they insisted the root user start the daemon and refused to change it so the normal user could start it.

This fact was on a security audit.

I lost that battle but eventually cyborg got the message and made the change.

I think you should try your last idea on a test system as it very likely could disable RBAC.

SEP

Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

RBAC: root with no powers

RBAC: root with no powers

Re: RBAC: root with no powers