On 04/28/09 08:16, Gary Winiger wrote: >> 3.4.2 Authorization >> (see http://opensolaris.org/os/community/arc/bestpractices/rbac-intro/ >> and >> http://opensolaris.org/os/community/arc/bestpractices/rbac-profiles/ >> and >> http://opensolaris.org/os/community/arc/bestpractices/rbac-profiles/ >> for details) >> Are there any setuid/setgid privileged binaries in the project? >> [ ] Yes - ARC review required >> [*] No - continue with next section (section 3.4.3) >> >> If yes then are the setuid/setgid privileges handled by the use of >> roles? >> [ ] Yes >> [ ] No - ARC review required > > If it's not suid (as ping is), I presume that snort needs something > like net_observibility or net_raw_access to run properly. How does > it get that or any other privileges it may need? > What Rights Profile (and exec_attr(4) properties are required)?
sort monitors logfiles; if it can read those, there's no need for additional privileges. Joep
