Re: [Fed-Talk] Another BSM related question
Re: [Fed-Talk] Another BSM related question
- Subject: Re: [Fed-Talk] Another BSM related question
- From: David Emery <email@hidden>
- Date: Tue, 18 Aug 2009 15:13:09 -0400
In my secure.log, I'm seeing a nightly entry that looks like this:
... com.apple.SecurityServer: Succeeded authorizing right
system.burn for /user/sbin/system_profiler for authorization created by
/usr/sbin/system_profiler.
... sshd [10046]: Did not receive identification string from 127.0.0.1
This doesn't seem to align with Shawn's explanation (or my intuition
what "system.burn" would mean.) Anyone else seeing this in their
secure.log?
dave
Message: 2
Date: Tue, 18 Aug 2009 09:41:12 -0400
From: "Shawn A. Geddis" <email@hidden>
Subject: Re: [Fed-Talk] Another BSM related question
To: Marty Boegner <email@hidden>
Cc: email@hidden
Message-ID: <email@hidden>
Content-Type: text/plain; charset="us-ascii"
On Aug 18, 2009, at 9:31 AM, Marty Boegner wrote:
...
Mary,
"system.burn" is just one of the many "Rights" that are defined in /
etc/authorization which a User/Admin must acquire before performing
the corresponding action. Anytime you see an authentication dialog,
you can click on the disclosure triangle and see what right is
required for performing that action.
In this case, to burn a cd/dvd requires the acquisition of the
corresponding "Right" of "system.burn" defined in the Authorization
database (which right now is the /etc/authorization - XML flat file).
The snippet of the default from the file for this is:
<key>system.burn</key>
<dict>
<key>class</key>
<string>allow</string>
<key>comment</key>
<string>For burning media.</string>
</dict>
- Shawn
_____________________________________________________
Shawn Geddis - Security Consulting Engineer - Apple Enterprise
--
David Emery, DSCI, supporting PdM FCS (BCT) SW Integration
703 298 3473 (office/cell), 703 272 7496 (fax)
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden