On Thu, 2004-09-16 at 13:46, Daniel J Walsh wrote: > Problem is sysadm is transitioning to the mount command which is not > allowed to write to tty devices. > Normal users don't have the problem since they don't transition to mount. > > Not sure how to solve. You can allow mount_t to rw admin_tty_type:chr_file; it isn't the same situation as with a daemon where you want to prevent a compromised daemon from being able to access it. -- Stephen Smalley <sds@xxxxxxxxxxxxxx> National Security Agency
