[grsec] grsec + POSIX ACLs
Igmar Palsenberg
maillist at jdimedia.nl
Thu Feb 3 03:25:02 EST 2005
> Are there any implications of using POSIX ACLs for example in the /home
> directory with grsec?
No.
> The latest patch from acl.bestbits.at should be
> available shortly for 2.4.29. In principle they are already in 2.6
> kernels but I think it is better to stay with 2.4 for the moment.
>
> join only shows three files where the patches could conflict:
>
> linux-2.4.29/fs/namei.c
> linux-2.4.29/kernel/fork.c
> linux-2.4.29/kernel/ksyms.c (in 2 places)
>
> apart from the Makefile and Config files of course.
>
> Using both together would give us the best of both worlds - using grsec on
> the system and to control the overview but allowing the user to user
> g|setfacl on their own directories and files.
This isn't a problem. I've been running this combo for a couple of years
without a hitch.
Igmar
More information about the grsecurity
mailing list