
gradm -R, gradm -u, gradm ld.so [SOLVED]

Posted: Mon Nov 21, 2005 8:44 am
by Dwokfur
First of all: thanks to the grsec & PaX staff for giving me the opportunity to secure my box.

I would address three issues (running Gentoo Base System 1.6.13, Hardened x86 profile, compiled mcpu=i686 -O2, 2.6.14.2-grsec kernel with a few clean netfilter patch-o-matic patches, gradm-2.1.7.200511041858).
The first two issues were also present with 2.6.11.12-grsec + gradm-2.1.6.

1. gradm -u
After successful authentication to the admin role, I do not manage to log out of the special role:
Code:
myhost ~ # gradm -a admin
Password:
myhost ~ # gradm -u
You are not in a special role.
myhost ~ #

The log contains a message about the successful authentication, but no further messages related to the failed operation:
Code:
Nov 21 13:16:09 myhost grsec: (root:U:/sbin/gradm) successful change to special role admin (id 11) by /sbin/gradm[gradm:8721] uid/euid:0/0 gid/egid:0/0, parent /bin/bash[bash:12859] uid/euid:0/0 gid/egid:0/0


2. gradm -R
I would prefer to reload the policy without ever really stopping the RBAC system. After changing to the special role admin, reloading the policy fails using either the admin's, the root's or the grsec password.
Code:
myhost ~ # gradm -R
Password:
Invalid password.
myhost ~ # gradm -R
Password:
Invalid password.
myhost ~ # gradm -R
Password:
Invalid password.

No log messages show up indicating the failed operation.

3. gradm tries to access ld.so
Sometimes (but not always) shutting down the RBAC system produces a log entry indicating failed access of ld.so by gradm. I can't reliably reproduce this symptom.

Please confirm my findings, share your thoughts or provide a solution of yours.

Regards,
Dw.

Posted: Fri Nov 25, 2005 7:59 pm
by spender
Can you paste the admin part of your policy? I believe this is a configuration error involving a missing "a" flag that since 2.1.6 is required for subjects that use the /dev/grsec device. Missing this flag would produce the results you are seeing.

-Brad

Posted: Sun Nov 27, 2005 9:33 am
by Dwokfur
spender wrote: Can you paste the admin part of your policy? I believe this is a configuration error involving a missing "a" flag that since 2.1.6 is required for subjects that use the /dev/grsec device. Missing this flag would produce the results you are seeing.

-Brad


Thank you for pointing this out. I have been using Grsec for ages (1.x), and have kept updating the config file for some time now. Completing the admin role's root subject with "a" blew away all symptoms instantly.

Regards,
Dw.

Posted: Tue Dec 20, 2005 8:41 am
by xrath
Ah I was having that problem too! Nice one :D