Example 25.1
Example phpsysinfo Hat
/usr/sbin/httpd2-prefork {
...
^phpsysinfo {
#include <abstractions/bash>
#include <abstractions/nameservice>
/bin/basename
ixr,
/bin/bash
ixr,
/bin/df
ixr,
/bin/grep
ixr,
/bin/mount
Ux,
/bin/sed
ixr,
/dev/bus/usb/
r,
/dev/bus/usb/**
r,
/dev/null
w,
/dev/tty
rw,
/dev/urandom
r,
/etc/SuSE-release
r,
/etc/ld.so.cache
r,
/etc/lsb-release
r,
/etc/lsb-release.d/
r,
/lib/ld-2.6.1.so
ixr,
/proc/**
r,
/sbin/lspci
ixr,
/srv/www/htdocs/phpsysinfo/**
r,
/sys/bus/pci/**
r,
/sys/bus/scsi/devices/
r,
/sys/devices/**
r,
/usr/bin/cut
ixr,
/usr/bin/getopt
ixr,
/usr/bin/head
ixr,
/usr/bin/lsb_release
ixr,
/usr/bin/lsscsi
ixr,
/usr/bin/tr
ixr,
/usr/bin/who
ixr,
/usr/lib/lib*so*
mr,
/usr/lib/locale/**
r,
/usr/sbin/lsusb
ixr,
/usr/share/locale/**
r,
/usr/share/pci.ids
r,
/usr/share/usb.ids
r,
/var/log/apache2/access_log
w,
/var/run/utmp
kr,
}
}
320
Security Guide
Summary of Contents for LINUX ENTERPRISE DESKTOP 11
Page 1: ...SUSE Linux Enterprise Server www novell com 11 March 17 2009 Security Guide...
Page 9: ...32 7 Managing Audit Event Records Using Keys 433 33 Useful Resources 435...
Page 10: ......
Page 29: ...Part I Authentication...
Page 30: ......
Page 55: ...Figure 4 2 YaST LDAP Server Configuration LDAP A Directory Service 41...
Page 126: ......
Page 127: ...Part II Local Security...
Page 128: ......
Page 158: ......
Page 173: ...Part III Network Security...
Page 174: ......
Page 194: ......
Page 197: ...Figure 16 2 Scenario 2 Figure 16 3 Scenario 3 Configuring VPN Server 183...
Page 210: ......
Page 228: ......
Page 229: ...Part IV Confining Privileges with Novell AppArmor...
Page 230: ......
Page 274: ......
Page 300: ......
Page 328: ......
Page 340: ......
Page 342: ......
Page 386: ......
Page 387: ...Part V The Linux Audit Framework...
Page 388: ......