[grsec] attempted socket(inet,stream,ip) ?

Brad Spengler spender at grsecurity.net
Tue Dec 21 20:42:52 EST 2004


> does anybody know: What is being really denied here?

Policies on sockets are auto-generated as an OR of the socket types and 
protocols specified in the connect and bind rules.  You can solve the 
problem by adding some rule like bind 10.0.0.0/32 stream ip
If you can send me an strace of the program, I can see what I can do 
about making learning handle the program's behavior automatically.

-Brad
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://grsecurity.net/pipermail/grsecurity/attachments/20041221/bacc7c39/attachment.pgp


More information about the grsecurity mailing list