CONFIG_GRKERNSEC_SYSCTL_ON

Discuss and suggest new grsecurity features

CONFIG_GRKERNSEC_SYSCTL_ON

Postby devillinux » Mon Jan 03, 2005 8:52 pm

Brad,

I like the idea behing the new CONFIG_GRKERNSEC_SYSCTL_ON , however it causes a lot of messagebwhen auditing is enabled.
Those message are showing up first on the console, until klogd is started and then it fills up the logs.
The ability to turn the audit messages off is far later in the boot process.

I would suggest to add another option, to disable all the audit ones, i.e. CONFIG_GRKERNSEC_SYSCTL_AUDIT_OFF.

Heiko
devillinux
 
Posts: 30
Joined: Tue Dec 24, 2002 6:55 pm

Postby spender » Tue Jan 04, 2005 12:04 pm

Use the group for audit feature if you don't want to see a bunch of logs from root.

-Brad
spender
 
Posts: 2185
Joined: Wed Feb 20, 2002 8:00 pm

Postby devillinux » Tue Jan 04, 2005 12:26 pm

I actually want the auditing enabled for all users, so that's not really an option.

I can rewrite the initrd script to disable all logging, but I won't be able to get around the first message (either starting klogd or mounting proc).

Heiko
devillinux
 
Posts: 30
Joined: Tue Dec 24, 2002 6:55 pm


Return to grsecurity development

cron