Executable permissions
Karl MacMillan
kmacmill at redhat.com
Wed Dec 13 16:20:04 UTC 2006
Steve Grubb wrote:
> On Wednesday 13 December 2006 11:00, Karl MacMillan wrote:
>> Is there a reason that the audit tools that take a file name paramater
>> (-if) are not executable by non-root users?
>
> Current tools do not.
>
[root at localhost ~]# ls -l /sbin/au*
-rwxr-x--- 1 root root 3080 Dec 1 11:37 /sbin/audispd*
-rwxr-x--- 1 root root 88216 Dec 1 11:37 /sbin/auditctl*
-rwxr-x--- 1 root root 96068 Dec 1 11:37 /sbin/auditd*
-rwxr-x--- 1 root root 102864 Dec 1 11:37 /sbin/aureport*
-rwxr-x--- 1 root root 115420 Dec 1 11:37 /sbin/ausearch*
-rwxr-x--- 1 root root 68816 Dec 1 11:37 /sbin/autrace*
[root at localhost ~]# rpm -qa | grep audit
audit-libs-1.3-3.fc7
audit-1.3-3.fc7
audit-libs-python-1.3-3.fc7
audit-libs-devel-1.3-3.fc7
It's not the code, but rather the default permissions on the
executables. So this might just be a packaging problem.
Thanks - Karl
More information about the Linux-audit
mailing list