diff options
author | Tom Rhodes <trhodes@FreeBSD.org> | 2006-05-11 22:05:45 +0000 |
---|---|---|
committer | Tom Rhodes <trhodes@FreeBSD.org> | 2006-05-11 22:05:45 +0000 |
commit | 15d69131fb48bcddfa4f2be62d9798814a3c5748 (patch) | |
tree | ced759afd6e8bc463a53e50039257aa17df1e9a6 /en_US.ISO8859-1/books/handbook/mac | |
parent | 512ff59a9b98db0cf5c760e0a14d0118359d7976 (diff) | |
download | doc-15d69131fb48bcddfa4f2be62d9798814a3c5748.tar.gz doc-15d69131fb48bcddfa4f2be62d9798814a3c5748.zip |
Fix some simple typos which could cause great havoc. Mainly fix label
settings. These would not have caused any large issues, just opened a
hole for root to bypass the security.
Noticed by: Borja Marcos <borjamar@sarenet.es>
Notes
Notes:
svn path=/head/; revision=27810
Diffstat (limited to 'en_US.ISO8859-1/books/handbook/mac')
-rw-r--r-- | en_US.ISO8859-1/books/handbook/mac/chapter.sgml | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/en_US.ISO8859-1/books/handbook/mac/chapter.sgml b/en_US.ISO8859-1/books/handbook/mac/chapter.sgml index cfb3bf90b0..16cfac41a9 100644 --- a/en_US.ISO8859-1/books/handbook/mac/chapter.sgml +++ b/en_US.ISO8859-1/books/handbook/mac/chapter.sgml @@ -1776,7 +1776,7 @@ test: biba/low</screen> :passwordtime=91d:\ :umask=022:\ :ignoretime@:\ -:label=biba/10:</programlisting> +:label=biba/10(10-10):</programlisting> <para>And adding the following line to the default user class:</para> @@ -1822,8 +1822,8 @@ mac_seeotheruids_load="YES"</programlisting> <para>Drop the <username>nagios</username> and <username>www</username> users into the insecure class:</para> - <screen>&prompt.root; <userinput>pw usermod nagios -L default</userinput></screen> - <screen>&prompt.root; <userinput>pw usermod www -L default</userinput></screen> + <screen>&prompt.root; <userinput>pw usermod nagios -L insecure</userinput></screen> + <screen>&prompt.root; <userinput>pw usermod www -L insecure</userinput></screen> </sect2> <sect2> @@ -1937,8 +1937,8 @@ default_labels socket ?biba</programlisting> make this happen:</para> <screen>&prompt.root; <userinput>cd /etc/mail && make stop && \ -setpmac biba/equal make start && setpmac biba/10 apachectl start && \ -setpmac biba/10 /usr/local/etc/rc.d/nagios.sh forcestart</userinput></screen> +setpmac biba/equal make start && setpmac biba/10\(10-10\) apachectl start && \ +setpmac biba/10\(10-10\) /usr/local/etc/rc.d/nagios.sh forcestart</userinput></screen> <para>Double check to ensure that everything is working properly. If not, check the log files or error messages. Use |