[grsec] learn_config: high-reduce-path does not work for
subdirectories?
Marc Schiffbauer
marc at schiffbauer.net
Tue Mar 22 09:45:59 EST 2005
Hi Brad,
it seems like only files get reduced inside a high-reduce-path, not
directories.
In the learn_config I set:
high-reduce-path /var/lib/amavis
(I removed the default high-reduce-path /var/lib entry)
The policy after full learning contains the following which I wanted to
suppress with the high-reduce-path entry:
/var/lib/amavis rwcd
/var/lib/amavis/amavis-20050314T215044-02710
/var/lib/amavis/amavis-20050314T215044-02710/parts
/var/lib/amavis/amavis-20050314T215044-02710/parts/part-00001 r
/var/lib/amavis/amavis-20050314T223005-13473
/var/lib/amavis/amavis-20050314T223005-13473/parts
/var/lib/amavis/amavis-20050314T223005-13473/parts/part-00001 r
/var/lib/amavis/amavis-20050314T223005-13473/parts/part-00002 r
/var/lib/amavis/amavis-20050314T223005-13473/parts/part-00003 r
/var/lib/amavis/amavis-20050314T225102-04427
/var/lib/amavis/amavis-20050314T225102-04427/parts r
/var/lib/amavis/amavis-20050314T232649-01212
/var/lib/amavis/amavis-20050314T232649-01212/parts
/var/lib/amavis/amavis-20050314T232649-01212/parts/part-00001 r
/var/lib/amavis/amavis-20050314T232649-01212/parts/part-00002 r
/var/lib/amavis/amavis-20050314T233656-09527
/var/lib/amavis/amavis-20050314T233656-09527/parts
/var/lib/amavis/amavis-20050314T233656-09527/parts/part-00001 r
/var/lib/amavis/amavis-20050314T233656-09527/parts/part-00002 r
/var/lib/amavis/amavis-20050314T233656-09527/parts/part-00003 r
[...]
May this be caused by "dont-reduce-path /var" so that
"high-reduce-path /var/lib/amavis" does not match
"/var/lib/amavis/*" and therefore directories in "/var/lib/amavis" ?
-Marc
--
° <M3rlin-> what is the legal age to buy alcoholic in england ? °
° <p5Ds13a06> you cant buy alcoholics °
° <p5Ds13a06> but if you wink the right way, °
° some of them will follow you home for free °
More information about the grsecurity
mailing list