mount ?

[Stephen Smalley]

On Thu, 2004-09-16 at 13:46, Daniel J Walsh wrote:
> Problem is sysadm is transitioning to the mount command which is not 
> allowed to write to tty devices.
> Normal users don't have the problem since they don't transition to mount.
> 
> Not sure how to solve.

You can allow mount_t to rw admin_tty_type:chr_file; it isn't the same
situation as with a daemon where you want to prevent a compromised
daemon from being able to access it.

-- 
Stephen Smalley <sds at epoch.ncsc.mil>
National Security Agency