[grsec] denied rename with rwcd set?
Marc Schiffbauer
marc at schiffbauer.net
Thu Dec 16 18:19:57 EST 2004
Hi,
is there a special needed permission bit to be allowed to rename
something?
log:
kernel: grsec: (root:U:/usr/lib/AntiVir/antivir) denied rename of /usr/lib/AntiVir/antivir.1103238605 to /usr/lib/AntiVir/antivir by /usr/lib/AntiVir/antivir[antivir:4528] uid/euid:0/0 gid/egid:0/0, parent /bin/bash[sh:28137] uid/euid:0/0 gid/egid:0/0
the subject looks like this:
subject /usr/lib/AntiVir/antivir o {
/ h
/bin h
/bin/rm x
/usr/bin/gpg x
/etc r
/etc/ssh h
/etc/grsec h
/etc/shadow h
/etc/passwd h
/lib rx
/proc h
/proc/meminfo r
/var rwxcd
/var/log h
/dev
/dev/log rw
/dev/null rw
/dev/grsec h
/dev/mem h
/dev/kmem h
/dev/port h
/usr
/usr/lib rx
/usr/lib/AntiVir rwcd
# ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
/usr/lib/AntiVir/hbedv.key r
/usr/sbin/exim4 x
/usr/share/zoneinfo/Europe/Berlin r
-CAP_ALL
+CAP_CHOWN
+CAP_FSETID
bind 0.0.0.0/32:0 dgram ip
connect 127.0.0.1/32:53 dgram udp
connect 0.0.0.0/0:80 stream tcp
}
-Marc
--
######################################################
# <Raize> can you guys see what I type? #
# <vecna> no, raize #
# <Raize> How do I set it up so you can see it? #
More information about the grsecurity
mailing list