[grsec] Questions about full learning / feature wish for
learn_config
Marc Schiffbauer
marc at schiffbauer.net
Thu Mar 10 17:33:35 EST 2005
Hi Brad,
* Does the full learning mode read the current policy file?
I want the learning system to learn anything on a production server
running many services.
Do I have to rename /etc/grsec/policy or empty it to make grsec
learn anything with -F or does that mode not care about the current
policy file?
Would it perhaps be better to just use role based learning for every
system user one after another?
* Or is there a way to tell the full learning system what roles to
create?
I want it to build a role for any system user being used (www-run,
amavis, root, ...) and one group role for all users belonging to a
special role.
If not:
Perhaps that would be a cool new feature for learn_config?
create-role g group1
create-role u user1
create-domain u user2 user3 user4
create-domain g group2 group3 group4
...
That way one had perfect control over what roles would be
generated by the full learning system...
Brad, what do you think?
-Marc
--
****************************************************
* (morganj): 0 is false and 1 is true, correct? *
* (alec_eso): 1, morganj *
* (morganj): bastard. *
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://grsecurity.net/pipermail/grsecurity/attachments/20050310/a5d73a3e/attachment.pgp
More information about the grsecurity
mailing list