grsecurity forums


http://forums.grsecurity.net./

leak on entries in hidden dirs

http://forums.grsecurity.net./viewtopic.php?f=5&t=1057

Page 1 of 1

leak on entries in hidden dirs

PostPosted: Fri Jan 14, 2005 8:06 am
by jj
I use the acl
{
/etc
/etc/grsec h
}

When i run the system with this,

`ls /etc/grsec` reports No such file or directory (which is correct),
however
`ls /etc/grsec/policy`reports Permission denied
while the answer should be 'No such file or directory' in the absence of a specific acl for /etc/grsec/policy.

I think this is a leak.

PostPosted: Fri Jan 14, 2005 8:42 am
by vs
This issue is fixed in the development version of grsecurity.

I've already posted this problem to the support forum.

-vs

PostPosted: Sat Jan 15, 2005 10:42 am
by jj
No, the post you made does not refer to the same problem.
You are talking about the appearance of 'grsec' in the listing of /etc, which is of course a bug, but not the one i am talking about.

The bug i talk about was already present in the 2.0 if i remember correctly, and it is the fact that an attempt to acces an existing file in a hidden directory returns -EPERM instead of -ENOENT.

PostPosted: Sat Jan 15, 2005 11:57 am
by vs
Sorry, I've misunderstood you.

You're right, of course. It's another bug.

-vs

PostPosted: Sun Jan 16, 2005 8:10 pm
by spender
That problem has been solved along with the other filldir problem however.

-Brad

PostPosted: Mon Jan 17, 2005 11:22 am
by jj
Ok - i just didn't check.
All times are UTC - 5 hours [ DST ]
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/