[grsec] logging of "create SUID" errors
Matija Nalis
mnalis-ml at voyager.hr
Fri Nov 10 16:16:17 EST 2006
Would it be possible to mark differently deny errors for normal create
(c object flag) and create SUID/SGID (m object flag) ?
Currently (grsecurity-2.1.9-2.6.18) it looks like this for SUID/SGID create,
and was very confusing as the object has "rwcdl" flags (sure, I'll probably
be smarter and get this faster next time, but I'm not the only one out there :)
grsec: From 192.168.1.8: (default:D:/etc/cron.daily/backup) denied create of /back/tmp/tmp.mondo.3679/tmp.mondo.11346/mindilinux/2108/bigdir/bin/ping
for writing by /bin/cp[cp:18037] uid/euid:0/0 gid/egid:0/0, parent /usr/sbin/mindi[mindi:2108] uid/euid:0/0 gid/egid:0/0
--
Opinions above are GNU-copylefted.
More information about the grsecurity
mailing list