aboutsummaryrefslogtreecommitdiff
path: root/en_US.ISO8859-1/books/handbook/mac
diff options
context:
space:
mode:
authorTom Rhodes <trhodes@FreeBSD.org>2006-05-11 22:05:45 +0000
committerTom Rhodes <trhodes@FreeBSD.org>2006-05-11 22:05:45 +0000
commit15d69131fb48bcddfa4f2be62d9798814a3c5748 (patch)
treeced759afd6e8bc463a53e50039257aa17df1e9a6 /en_US.ISO8859-1/books/handbook/mac
parent512ff59a9b98db0cf5c760e0a14d0118359d7976 (diff)
downloaddoc-15d69131fb48bcddfa4f2be62d9798814a3c5748.tar.gz
doc-15d69131fb48bcddfa4f2be62d9798814a3c5748.zip
Fix some simple typos which could cause great havoc. Mainly fix label
settings. These would not have caused any large issues, just opened a hole for root to bypass the security. Noticed by: Borja Marcos <borjamar@sarenet.es>
Notes
Notes: svn path=/head/; revision=27810
Diffstat (limited to 'en_US.ISO8859-1/books/handbook/mac')
-rw-r--r--en_US.ISO8859-1/books/handbook/mac/chapter.sgml10
1 files changed, 5 insertions, 5 deletions
diff --git a/en_US.ISO8859-1/books/handbook/mac/chapter.sgml b/en_US.ISO8859-1/books/handbook/mac/chapter.sgml
index cfb3bf90b0..16cfac41a9 100644
--- a/en_US.ISO8859-1/books/handbook/mac/chapter.sgml
+++ b/en_US.ISO8859-1/books/handbook/mac/chapter.sgml
@@ -1776,7 +1776,7 @@ test: biba/low</screen>
:passwordtime=91d:\
:umask=022:\
:ignoretime@:\
-:label=biba/10:</programlisting>
+:label=biba/10(10-10):</programlisting>
<para>And adding the following line to the default user
class:</para>
@@ -1822,8 +1822,8 @@ mac_seeotheruids_load="YES"</programlisting>
<para>Drop the <username>nagios</username> and
<username>www</username> users into the insecure class:</para>
- <screen>&prompt.root; <userinput>pw usermod nagios -L default</userinput></screen>
- <screen>&prompt.root; <userinput>pw usermod www -L default</userinput></screen>
+ <screen>&prompt.root; <userinput>pw usermod nagios -L insecure</userinput></screen>
+ <screen>&prompt.root; <userinput>pw usermod www -L insecure</userinput></screen>
</sect2>
<sect2>
@@ -1937,8 +1937,8 @@ default_labels socket ?biba</programlisting>
make this happen:</para>
<screen>&prompt.root; <userinput>cd /etc/mail &amp;&amp; make stop &amp;&amp; \
-setpmac biba/equal make start &amp;&amp; setpmac biba/10 apachectl start &amp;&amp; \
-setpmac biba/10 /usr/local/etc/rc.d/nagios.sh forcestart</userinput></screen>
+setpmac biba/equal make start &amp;&amp; setpmac biba/10\(10-10\) apachectl start &amp;&amp; \
+setpmac biba/10\(10-10\) /usr/local/etc/rc.d/nagios.sh forcestart</userinput></screen>
<para>Double check to ensure that everything is working
properly. If not, check the log files or error messages. Use