|
Home About Us A-Z Index Search * Contact Us Register Login Press ShopThe Open Brand -- Problem Reporting and Interpretations System |
Problem Report 2600 Details
Show help | Quick Search | Submit a Test Suite Support Request | Click here to view your privileges
This page provides all information on Problem Report 2600.
Report 2600 Actions
Problem Report Number 2600 Submitter's Classification Test Suite problem State Resolved Resolution Test Suite Deficiency (TSD) Problem Resolution ID TSD.X.1350 Raised 2014-10-17 16:13 Updated 2014-10-17 12:23 Published 2014-10-17 12:23 Product Standard Internationalised System Calls and Libraries Extended (UNIX 95) Certification Program The Open Brand certification program Test Suite VSX4 version 4.7.7 Test Identification /tset/POSIX.os/procprim/exec/T.execl{32},T.execle{32},T.execlp
{32},T.execv{32},T.execve{32},T.execvp{32}Specification System Interface Definitions Issue 4 Version 2 Location in Spec XBD4.2 (document C434)
page 15 under "file access permissions".Problem Summary Additional file access control mechanism prevents execution of other
programs from set-user-ID programsProblem Text I submitted the following request for test
case /tset/POSIX.os/procprim/exec/T.exec*{32}.
(https://ts-help.opengroup.org/requests/20 )
The discussion is at the end the request.
We need to request a TSD for the following test case, could you help
us?
/tset/POSIX.os/procprim/exec/T.execl{32}
/tset/POSIX.os/procprim/exec/T.execle{32}
/tset/POSIX.os/procprim/exec/T.execlp{32}
/tset/POSIX.os/procprim/exec/T.execv{32}
/tset/POSIX.os/procprim/exec/T.execve{32}
/tset/POSIX.os/procprim/exec/T.execvp{32}
Here is the request I submitted and the reply.
Reply:
For tests 26 and 28, as discussed previously for VSU, it is fine for
you to set up the necessary extended attributes to grant execute
permission on the affected files.
For test 32, unfortunately the files do_acc-pg.d/do_acc-pg.t and
do_acc-po.d/do_acc-po.t are created at runtime during execution
of the do_access() function in SRC/common/tsetlib/do_access.c.
So unless you can assign the program control extended attribute
to a pathname for a file that does not yet exist, I don't see any way
for you to prevent the test 32 failures. If/when you submit results
for certification that have these failures, you will need to request
a TSD to cover them.
Regards,
Request
Jan 02 07:36
Hello :
1. We have several questions about the following variations about
exec.
/tset/POSIX.os/procprim/exec/T.execl{26,28,32}
/tset/POSIX.os/procprim/exec/T.execle{26,28,32}
/tset/POSIX.os/procprim/exec/T.execlp{26,28,32}
/tset/POSIX.os/procprim/exec/T.execv{26,28,32}
/tset/POSIX.os/procprim/exec/T.execve{26,28,32}
/tset/POSIX.os/procprim/exec/T.execvp{26,28,32}
2. We got failures for these test cases, the output like following:
(1) For Variation 26,28,
a) From journal:
...
15|0 3.8-lite 1|TCM Start
400|0 26 1 20:59:32|IC Start
200|0 26 20:59:32|TP Start
520|0 26 00016842804 2 1|deletion reason - unexpected child status
520|0 26 00016842804 2 2|expected action: process exitted - exit code
8
520|0 26 00016842804 2 3|observed action: signal 9 terminated process
220|0 26 2 20:59:32|UNRESOLVED
410|0 26 1 20:59:32|IC End
80|0 0 20:59:33|TC End, scenario ref 1-0
...
b) From our system log:
BPXP029I OPEN ERROR FOR FILE PATH 588
../exec_uids
DEVICE ID 10 INODE 12405.
IEA995I SYMPTOM DUMP OUTPUT 589
SYSTEM COMPLETION CODE=EC6 REASON CODE=0594E04B
TIME=20.59.32 SEQ=02468 CPU=0000 ASID=0025
PSW AT TIME OF ERROR 470C4400 B5F42826 ILC 2 INTC 0D
NO ACTIVE MODULE FOUND - PRIMARY NOT EQUAL TO HOME
NAME=UNKNOWN
DATA AT PSW 35F42820 - C06018F2 0A0D98E9 D2A858C0
AR/GR 0: 00000002/00000000_0000016B 1: 00000000/00000000_04EC6000
2: 00000000/00000000_0594E04B 3: 00000000/00000000_026C6158
4: 0101003A/00000000_00000004 5: 0101003A/00000000_364E3110
6: 00000000/00000000_01106400 7: 00000000/00000048_364E2360
8: 0101003A/7E74C148_01B6A518 9: 00000000/00000000_364E3BD7
A: 00000000/00000000_364E2678 B: 00000000/00000000_026C6158
C: 00000000/00000000_35F429A0 D: 00000000/00000000_364E2BD8
E: 00000002/00000000_B5F4280C F: 00000000/00000000_0594E04B
END OF SYMPTOM DUMP
BPXP018I THREAD 365FE00000000001, IN PROCESS 16842801, ENDED 590
(2) For Variation 32:
a) From journal:
...
15|0 3.8-lite 1|TCM Start
400|0 32 1 21:52:58|IC Start
200|0 32 21:52:58|TP Start
520|0 32 00065950 310 1|child process was terminated by signal 9
(SIGKILL)
520|0 32 00065950 312 1|child process was terminated by signal 9
(SIGKILL)
520|0 32 00016843168 2 1|privileged process with effective uid = 0,
gid = 400
520|0 32 00016843168 2 2|owner/group of do_acc-pg.d and do_acc-
pg.d/do_acc-pg.t: 241/400
520|0 32 00016843168 2 3|mode of do_acc-pg.d: 0, mode of do_acc-
pg.d/do_acc-pg.t: 0100
520|0 32 00016843168 2 4|privileged process with effective uid = 0,
gid = 400
520|0 32 00016843168 2 5|owner/group of do_acc-po.d and do_acc-
po.d/do_acc-po.t: 241/401
520|0 32 00016843168 2 6|mode of do_acc-po.d: 0, mode of do_acc-
po.d/do_acc-po.t: 010
220|0 32 2 21:53:11|UNRESOLVED
410|0 32 1 21:53:11|IC End
80|0 0 21:53:13|TC End, scenario ref 1-0
...
b) From our system log:
BPXP029I OPEN ERROR FOR FILE PATH 613
do_acc-pg.d/do_acc-pg.t
DEVICE ID 10 INODE 17651.
IEA995I SYMPTOM DUMP OUTPUT 614
SYSTEM COMPLETION CODE=EC6 REASON CODE=0594E04B
TIME=21.07.15 SEQ=02470 CPU=0000 ASID=004B
PSW AT TIME OF ERROR 470C4400 B5F42826 ILC 2 INTC 0D
NO ACTIVE MODULE FOUND - PRIMARY NOT EQUAL TO HOME
NAME=UNKNOWN
DATA AT PSW 35F42820 - C06018F2 0A0D98E9 D2A858C0
AR/GR 0: 00000002/00000000_0000016B 1: 00000000/00000000_04EC6000
2: 00000000/00000000_0594E04B 3: 00000000/00000000_026C6158
4: 0101003A/00000000_00000004 5: 0101003A/00000000_371A3AA0
6: 00000000/00000000_01107B00 7: 00000000/00000048_371A2CF0
8: 0101003A/7E72C010_01B6A518 9: 00000000/00000000_371A4567
A: 00000000/00000000_371A3008 B: 00000000/00000000_026C6158
C: 00000000/00000000_35F429A0 D: 00000000/00000000_371A3568
E: 00000002/00000000_B5F4280C F: 00000000/00000000_0594E04B
END OF SYMPTOM DUMP
BPXP018I THREAD 365FE20000000000, IN PROCESS 67174549, ENDED 615
WITHOUT BEING UNDUBBED WITH COMPLETION CODE 04EC6000
do_acc-po.d/do_acc-po.t
DEVICE ID 10 INODE 17653.
IEA995I SYMPTOM DUMP OUTPUT 620
SYSTEM COMPLETION CODE=EC6 REASON CODE=0594E04B
TIME=21.07.15 SEQ=02471 CPU=0000 ASID=0052
PSW AT TIME OF ERROR 470C4400 B5F42826 ILC 2 INTC 0D
NO ACTIVE MODULE FOUND - PRIMARY NOT EQUAL TO HOME
NAME=UNKNOWN
DATA AT PSW 35F42820 - C06018F2 0A0D98E9 D2A858C0
AR/GR 0: 00000002/00000000_0000016B 1: 00000000/00000000_04EC6000
2: 00000000/00000000_0594E04B 3: 00000000/00000000_026C6158
4: 0101003A/00000000_00000004 5: 0101003A/00000000_36401F60
6: 00000000/00000000_01107700 7: 00000000/00000048_364011B0
8: 0101003A/7E72D010_01B6A518 9: 00000000/00000000_36402A27
A: 00000000/00000000_364014C8 B: 00000000/00000000_026C6158
C: 00000000/00000000_35F429A0 D: 00000000/00000000_36401A28
E: 00000002/00000000_B5F4280C F: 00000000/00000000_0594E04B
END OF SYMPTOM DUMP
BPXP018I THREAD 365FE20000000000, IN PROCESS 65690, ENDED 621
WITHOUT BEING UNDUBBED WITH COMPLETION CODE 04EC6000
3. Our O/S adds a more strict requirement for set-user-ID programs
recently.
=======================================================================
======
to exec a set-user-ID program
If a UNIX set-user-ID or set-group-ID privileged program that switched
the
caller's effective uid or gid invokes exec to execute a z/OS UNIX
executable
program file, the program file and any symbolic links that comprise
the path
name to the file must have the proper attributes to allow the
invocation.
The O/S UNIX executable file must be installed with an owning UID of
0 or
with an owning UID equal to that of the calling set-user-ID program or
have the program control extended attribute.
=======================================================================
=======
(1) I have talked about the similar problem with you for VSU test
cases at Nov. 2013.
See attachment 1 at the end of this request.
(2) As the document described above, when the executable programs
"/tset/POSIX.os/procprim/exec/exec_uids" is invoked "exec" by set-user-
ID program "exec_setid" or "exec_su".
"/tset/POSIX.os/procprim/exec/exec_uids" needs at least one of the 3
following conditions.
a) the owning UID is 0
b) an owning UID equal to that of the calling set-user-ID program
c) this executable program has the program control extended attribute.
(3) From our system, the attributes for the following files
under /tset/POSIX.os/procprim/exec/ are as below:
-rwxr-xr-x --s- 1 vsx0 VSXG0 917504 Mar 4 2013 T.execl
-rwxr-xr-x --s- 1 vsx0 VSXG0 917504 Mar 4 2013 T.execle
-rwxr-xr-x --s- 1 vsx0 VSXG0 917504 Mar 4 2013 T.execlp
-rwxr-xr-x --s- 1 vsx0 VSXG0 917504 Mar 4 2013 T.execv
-rwxr-xr-x --s- 1 vsx0 VSXG0 917504 Mar 4 2013 T.execve
-rwxr-xr-x --s- 1 vsx0 VSXG0 917504 Mar 4 2013 T.execvp
-rwxr-xr-x --s- 1 vsx0 VSXG0 917504 Mar 4 2013 T.fexecve
-rwsr-xr-x --s- 1 MVSNFSSV VSXG0 344064 Mar 4 2013 exec_setid
-rwsr-xr-x --s- 1 MVSNFSSV VSXG0 466944 Mar 4 2013 exec_su
-rwsr-sr-x --s- 1 vsx1 VSXG1 73728 Mar 4 2013 exec_tfail
-rwxr-xr-x --s- 1 vsx0 VSXG0 225280 Mar 4 2013 exec_tgen
-rwsr-sr-x --s- 1 vsx1 VSXG1 73728 Mar 4 2013 exec_tok
-rwxr-xr-x --s- 1 vsx0 VSXG0 73728 Mar 4 2013 exec_tp0
-rwxr-xr-x --s- 1 vsx0 VSXG0 73728 Mar 4 2013 exec_tp1
-rwxr-xr-x --s- 1 vsx0 VSXG0 73728 Mar 4 2013 exec_tp2
-rwxr-xr-x --s- 1 vsx0 VSXG0 73728 Mar 4 2013 exec_tp3
-rwxr-xr-x --s- 1 vsx0 VSXG0 73728 Mar 4 2013 exec_tp4
-rwxr-xr-x --s- 1 vsx0 VSXG0 73728 Mar 4 2013 exec_tp5
-rwxr-xr-x --s- 1 vsx0 VSXG0 73728 Mar 4 2013 exec_tp6
-rwxr-xr-x --s- 1 vsx0 VSXG0 73728 Mar 4 2013 exec_tp7
-rwxr-xr-x --s- 1 vsx0 VSXG0 73728 Mar 4 2013 exec_tp8
-rwxr-xr-x --s- 1 vsx0 VSXG0 73728 Mar 4 2013 exec_tp9
-rwsr-xr-x --s- 1 MVSNFSSV VSXG0 147456 Mar 4 2013 exec_tstop
-rwxr-xr-x --s- 1 VSX2 VSXG2 155648 Mar 4 2013 exec_uids
-rw-rw-rw- --s- 1 vsx0 VSXG0 349 Jan 2 02:09 tet_xres
From the result above, we can see:
"/tset/POSIX.os/procprim/exec/exec_uids" does not meet any of these 3
conditions.
a) its owning id is "VSX2", not 0
b) its owning id is "VSX2", not equal to the callers'
c) setreuid_exec does not have the program control extended attribute.
So T.exec*{26,28} fails now.
4. How to solve these problems?
(1) For Variation 26,28:
I need to add "the program control extended attribute." to the
following file:
/tset/POSIX.os/procprim/exec/exec_uids
Q1:
I have talked about the similar problem last year, and you permitted
us to add extra controls then.
Could you give us the same permission to add "program control extended
attribute" for this file?
(2) For Variation 32:
We intended to use the similar method as above to add "program control
extended attribute" for files:
do_acc-pg.d/do_acc-pg.t
do_acc-po.d/do_acc-po.t.
But, due to my poor skills, I could not find the locations for do_acc-
pg.d/do_acc-pg.t and do_acc-po.d/do_acc-po.t.
Q2:
Since the test case is complicated, we need your help on how to find
these two files.
Could you help us?
Happy New Year! Thank you!
attachment 1:
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
||||||||||||||||||||||||||||||||||
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
||||||||||||||||||||||||||||||||||
Reply from open group
Nov 22 10:23 (GMT)
The extra controls on execute permission that you describe are a valid
"additional file access control mechanism" as per XBD4.2 (document
C434)
page 15 under "file access permissions". Therefore it is fine for you
to set up the necessary extended attributes to grant execute
permission
on the affected files.
Note that you will need to describe this access mechanism in your
answer to question 12 of the Internationalised System Calls and
Libraries Extended CSQ when you certify the new version of the system
that has these additional controls.
Regards,
P.S. Support for VSU5.3.5 expired on Nov 7th, so I have updated the
version number in this ticket to the latest version, 5.3.7.
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
||||||||||||||||||||||||||||||||||
Request
Nov 22 09:11 (GMT)
Hello :
1. We have a question about VSU test cases, which all about set-user-
ID programs.
/tset/CAPI.os/procenv/setregid/T.setregid{6}
/tset/CAPI.os/procenv/setregid/T.setregid{7}
/tset/CAPI.os/procenv/setreuid/T.setreuid{7}
2. We got failures for these test cases, the output like following:
200|0 7 21:57:52|TP Start
520|0 7 00000027 1 1|DEBUG: Entering capi_base/gt_conf.c:get_conf_uid
()
520|0 7 00000027 1 2|PREP: Read value for VSX_UID1 configuration
520|0 7 00000027 1 3| parameter
520|0 7 00000027 1 4|DEBUG: Exiting capi_base/gt_conf.c:get_conf_uid()
520|0 7 00000027 1 5|PREP: Set the effective and real user IDs to
VSX_UID1
520|0 7 00000027 1 6|PREP: Fork a child process and a execute a
program in
520|0 7 00000027 1 7| this process which has its set-user-ID set to
520|0 7 00000027 1 8| another user. This will cause the effective user
520|0 7 00000027 1 9| ID of the child to be different from its saved
520|0 7 00000027 1 10| set-user-ID
520|0 7 00000027 2 1|DEBUG: Entering capi_com/wait_for.c:wait_for
520|0 7 00000027 2 2|DEBUG: Entering capi_com/signals.c:avs_set_alarm
()
520|0 7 00000027 2 3|DEBUG: Entering capi_com/signals.c:avs_signal()
520|0 7 00000027 2 4|DEBUG: Exiting capi_com/signals.c:avs_signal()
520|0 7 00000027 2 5|DEBUG: Exiting capi_com/signals.c:avs_set_alarm()
520|0 7 00000027 2 6|DEBUG: Entering capi_com/signals.c:avs_signal()
520|0 7 00000027 2 7|DEBUG: Exiting capi_com/signals.c:avs_signal()
520|0 7 00000027 2 8|DEBUG: Exiting capi_com/wait_for.c:wait_for
220|0 7 7 21:57:52|NORESULT
410|0 7 1 21:57:52|IC End
3. Our O/S added a more strict requirement for set-user-ID programs
recently.
=======================================================================
======
to exec a set-user-ID program
If a UNIX set-user-ID or set-group-ID privileged program that switched
the
caller's effective uid or gid invokes exec to execute a z/OS UNIX
executable
program file, the program file and any symbolic links that comprise
the path
name to the file must have the proper attributes to allow the
invocation.
The O/S UNIX executable file must be installed with an owning UID of
0 or
with an owning UID equal to that of the calling set-user-ID program or
have the program control extended attribute.
=======================================================================
=======
As the document described above, when the executable
programs "setreuid_exc" is
invoked "exec" by a set-user-ID program "setreuid7".
"setreuid_exc" needs at least one of the 3 following conditions.
(1) the owning UID is 0
(2) an owning UID equal to that of the calling set-user-ID program
(3) this executable program has the program control extended
attribute.
ICTVSU4/VSX0
138 /SYSTEM/tmp/usr526/TET/vsu/TESTROOT/tset/CAPI.os/procenv/setreuid>
ls -lE *
-rwxr-xr-x --s- 15 VSX0 VSXG0 102400 Jul 28 2005 T.setreuid
-rwsr-xr-x --s- 1 SYSADM VSXG0 258048 Dec 1 2005 setreuid1
-rwxr-xr-x --s- 1 VSX0 VSXG0 245760 Dec 1 2005 setreuid10
-rwsr-xr-x --s- 1 SYSADM VSXG0 253952 Dec 1 2005 setreuid11
-rwsr-xr-x --s- 1 SYSADM VSXG0 253952 Dec 1 2005 setreuid12
-rwsr-xr-x --s- 1 SYSADM VSXG0 258048 Dec 1 2005 setreuid2
-rwsr-xr-x --s- 1 SYSADM VSXG0 258048 Dec 1 2005 setreuid3
-rwsr-xr-x --s- 1 SYSADM VSXG0 266240 Dec 1 2005 setreuid4
-rwsr-xr-x --s- 1 SYSADM VSXG0 258048 Dec 1 2005 setreuid5
-rwxr-xr-x --s- 1 VSX0 VSXG0 253952 Dec 1 2005 setreuid6
-rwsr-xr-x --s- 1 SYSADM VSXG0 274432 Dec 1 2005 setreuid7 <-----
caller's uid is 0
-rwxr-xr-x --s- 1 VSX0 VSXG0 245760 Dec 1 2005 setreuid8
-rwxr-xr-x --s- 1 VSX0 VSXG0 258048 Dec 1 2005 setreuid9
-rwxr-xr-x --s- 1 VSX0 VSXG0 196608 Dec 1 2005 setreuid_exc <-----
owning uid is not 0
-rw-r--r-- --s- 1 VSX0 VSXG0 1340 Nov 20 02:43 tet_xres
-rwxr-xr-x --s- 1 VSX0 VSXG0 150 Dec 1 2005 vsu_ic_map
"setreuid_exc" does not meet any of these 3 conditions.
(1) its owning id is "VSX0", not 0
(2) its owning id is "VSX0", not equal to the calling set-user-ID
program setreuid7,
the owning id of setreuid7 is "SYSADM" which is admin(uid is 0).
(3) setreuid_exec does not have the program control extended
attribute.
So T.setreuid{7} fails now. The same problem exists for T.setregid{6}
and T.setregid{7}
ICTVSU4/VSX0
145 /SYSTEM/tmp/usr526/TET/vsu/TESTROOT/tset/CAPI.os/procenv/setregid>
-rwxr-xr-x --s- 15 VSX0 VSXG0 102400 Jul 28 2005 T.setregid
-rwsr-xr-x --s- 1 SYSADM VSXG0 258048 Jul 28 2005 setregid1
-rwsr-xr-x --s- 1 SYSADM VSXG0 253952 Jul 28 2005 setregid10
-rwsr-xr-x --s- 1 SYSADM VSXG0 253952 Jul 28 2005 setregid11
-rwxr-xr-x --s- 1 VSX0 VSXG0 258048 Jul 28 2005 setregid12
-rwsr-xr-x --s- 1 SYSADM VSXG0 253952 Jul 28 2005 setregid2
-rwsr-xr-x --s- 1 SYSADM VSXG0 253952 Jul 28 2005 setregid3
-rwsr-xr-x --s- 1 SYSADM VSXG0 262144 Jul 28 2005 setregid4
-rwsr-xr-x --s- 1 SYSADM VSXG0 262144 Jul 28 2005 setregid5
-rwsr-xr-x --s- 1 SYSADM VSXG0 270336 Jul 28 2005 setregid6
-rwsr-xr-x --s- 1 SYSADM VSXG0 274432 Jul 28 2005 setregid7
-rwsr-xr-x --s- 1 SYSADM VSXG0 258048 Jul 28 2005 setregid8
-rwsr-xr-x --s- 1 SYSADM VSXG0 262144 Jul 28 2005 setregid9
-rwxr-xr-x --s- 1 VSX0 VSXG0 196608 Jul 28 2005 sregid6_exc <-----
owning uid is not 0
-rwxr-xr-x --s- 1 VSX0 VSXG0 196608 Jul 28 2005 sregid7_exc <-----
owning uid is not 0
-rw-r--r-- --s- 1 VSX0 VSXG0 11311 Nov 19 21:23 tet_xres
-rwxr-xr-x --s- 1 VSX0 VSXG0 150 Jul 28 2005 vsu_ic_map
4. How to solve this problem?
We need to add "the program control extended attribute." to the
following 3 files
(1) setreuid_exc
(2) sregid6_exc
(3) sregid7_exc
Then these executable files meet the third condition.
Our O/S has a shell command "extattr" which can set "extended
attribute"
"extattr
+p /tmp/usr526/TET/vsu/TESTROOT/tset/CAPI.os/procenv/setreuid/setreuid_
exc"
"extattr
+p /tmp/usr526/TET/vsu/TESTROOT/tset/CAPI.os/procenv/setregid/sregid6_e
xc"
"extattr
+p /tmp/usr526/TET/vsu/TESTROOT/tset/CAPI.os/procenv/setregid/sregid7_e
xc"
After adding program control extended attributes, these 3 cases pass
now.
5. What are extended attributes?
Perhaps they are special attributes which only z/OS USS has. There are
4 kinds of extended attributes on USS
(1) a Program runs APF authorized if linked AC=1
(2) p Program is considered program controlled
(3) s Program runs in a shared address space
(4) l Program is loaded from the shared library region
We can use "ls -E" option to display this extend attributes on USS,
and use "extattr" command to add or del
these attributes.
(6) We need your permission to add this "program control extended
attribute" to these 3 files.
(1) setreuid_exc
(2) sregid6_exc
(3) sregid7_exc
Could you approve this modification?
Thank you!
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
||||||||||||||||||||||||||||||||||
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
||||||||||||||||||||||||||||||||||Test Output 15|0 3.8-lite 1|TCM Start
400|0 32 1 21:52:58|IC Start
200|0 32 21:52:58|TP Start
520|0 32 00065950 310 1|child process was terminated by signal 9
(SIGKILL)
520|0 32 00065950 312 1|child process was terminated by signal 9
(SIGKILL)
520|0 32 00016843168 2 1|privileged process with effective uid = 0,
gid = 400
520|0 32 00016843168 2 2|owner/group of do_acc-pg.d and do_acc-
pg.d/do_acc-pg.t: 241/400
520|0 32 00016843168 2 3|mode of do_acc-pg.d: 0, mode of do_acc-
pg.d/do_acc-pg.t: 0100
520|0 32 00016843168 2 4|privileged process with effective uid = 0,
gid = 400
520|0 32 00016843168 2 5|owner/group of do_acc-po.d and do_acc-
po.d/do_acc-po.t: 241/401
520|0 32 00016843168 2 6|mode of do_acc-po.d: 0, mode of do_acc-
po.d/do_acc-po.t: 010
220|0 32 2 21:53:11|UNRESOLVED
410|0 32 1 21:53:11|IC End
80|0 0 21:53:13|TC End, scenario ref 1-0Review Information
Review Type TSMA Review Start Date 2014-10-17 16:13 Last Updated 2014-10-17 12:02 Completed 2014-10-17 12:02 Status Complete Review Recommendation No Resolution Given Review Response
Review Type SA Review Start Date 2014-10-17 20:02 Last Updated 2014-10-17 12:16 Completed 2014-10-17 12:16 Status Complete Review Resolution Test Suite Deficiency (TSD) Review Conclusion A test suite deficiency is granted
Problem Reporting System Options:
- View Report 2600
- List All PRs
- Search Reports
- Email the System Administrator
- View the The Open Brand Interpretations Database User Manual
Contact the Certification Authority