Generic roles in selinux
Barry Roomberg
broom at transcontinentaldirect.com
Wed Oct 27 18:16:37 UTC 2004
Either I'm very confused or my system is very broken.
When I add a new user to my system via the adduser script, they get
tagged
with "Generic" for their policy type.
When I examine (using seuser -X) the users, I see that all the Generics
(there are a lot) have roles of sysadm_r, system_r, and user_r.
Which means to me that all these users can assume sysadm_r by executing
the newrole command.
Is this appropriate? Shouldn't sysadm_r be reserved for administrators?
More information about the fedora-selinux-list
mailing list