Hi,
as far as i know, the socket restrictions in grsec (inside the kernel) are based on the group id at the moment.
Is it possible to compile a whitelist with pathnames of trusted progs into the kernel, to deny socket creation to the rest?
Best regards (and thx for this great project)
hgl
Socket restriction feature request
2 posts
• Page 1 of 1
Socket restriction feature request
by hgl » Thu Aug 01, 2013 11:39 am
- hgl
- Posts: 1
- Joined: Thu Aug 01, 2013 10:51 am
Re: Socket restriction feature request
by spender » Thu Aug 01, 2013 6:49 pm
You will need RBAC for this.
-Brad
-Brad
- spender
- Posts: 2185
- Joined: Wed Feb 20, 2002 8:00 pm
2 posts
• Page 1 of 1