[grsec] Much more denies after upgrade 2.1.1 -> 2.1.3

Marc Schiffbauer marc at schiffbauer.net
Tue Mar 8 05:10:16 EST 2005


Hi!

I upgraded to 2.1.3 (Linux 2.4.29) and now I get many denies for several 
processes.

With 2.1.1 I had my policies tuned so that there were no denies
which should not be.

Now I get many denies for /dev/null, /usr/local/lib or
/usr/local/share for example.

Its noticeable that many different processes now produce a small
group of similar denies which are:

denied access to hidden file /usr/local/share
denied access to hidden file /usr/local/lib
denied access to hidden file /usr/local/lib/perl
denied access to hidden file /dev/null

removing the "h" flag for them or adding an entry without flags
(only stat allowed) fixes these.

What might be the reson for that?

Thanks in advance
-Marc

PS: Brad I want to thank you for the good work, keep it up! I
appreciate grsec very much.


-- 
+-O . . . o . . . O . . . o . . . O . . .  ___  . . . O . . . o .-+
| Ein Service von Links2Linux.de:         /  o\   RPMs for SuSE   |
| --> PackMan! <-- naeheres unter        |   __|   and  others    |
| http://packman.links2linux.de/ . . . O  \__\  . . . O . . . O . |


More information about the grsecurity mailing list