policy problem

Posted: Tue Feb 27, 2007 4:21 am
by osa
Hi

In the morning, when cron is starting, I have noticed this in the logs:

grsec: (root:U:/usr/sbin/cron) denied access to hidden file /dev/log by /usr/sbin/cron[cron:23451] uid/euid:0/0 gid/egid:0/0, parent /usr/sbin/cron[cron:27441] uid/euid:0/0 gid/egid:0/0

subject /usr/sbin/cron o {
/ h
/bin h
/bin/bash x
/dev h
/dev/log rw
/etc r
/etc/grsec h
/etc/ssh h
/lib h
/lib/security/pam_env.so rx
/lib/security/pam_unix.so rx
/lib/tls/libcrypt-2.3.2.so rx
/usr/sbin/sendmail rx
/var h
/var/spool/cron/crontabs r
/root
-CAP_ALL
+CAP_SETGID
+CAP_SETUID
bind disabled
connect disabled
}

gradm version -> 2.1.8
grsecurity patch -> 2.6.14.4

Where is the error in the policy?

-osa

/dev/ h

Posted: Sat Mar 03, 2007 11:13 am
by hmhansolo
Remove '/dev/ h'... I believe if you hide /dev/ you will hide everything in it... instead just add '/dev'... without specifying any permissions, it will block all accesses, but the file will still be accessible...
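
An added example, not part of either post: a small triage script that pulls the role, subject and object out of "denied access to hidden file" messages and lists the objects in the subject block that are parents of the denied path and carry the h mode, which is where the reply above suggests looking. The regular expression assumes every such message has the layout of the one log line quoted in the first post; the function names and the second and third sample lines are constructed for this example.

```python
import re
from collections import Counter

# Layout copied from the one log line in the first post; treating it as the
# general shape of "hidden file" denials is an assumption of this example.
DENY_RE = re.compile(
    r"grsec: \((?P<role>[^:]+):(?P<role_type>[^:]+):(?P<subject>[^)]+)\) "
    r"denied access to hidden file (?P<object>\S+) "
    r"by (?P<exe>\S+)\[(?P<comm>[^:\]]+):(?P<pid>\d+)\] "
    r"uid/euid:(?P<uid>\d+)/(?P<euid>\d+)"
)

def parse_denials(lines):
    """Return one dict per hidden-file denial; other lines are skipped."""
    records = []
    for line in lines:
        m = DENY_RE.search(line)
        if m:
            rec = m.groupdict()
            rec.update({k: int(rec[k]) for k in ("pid", "uid", "euid")})
            records.append(rec)
    return records

def summarize(records):
    """Count denials per (role, subject, object), the triple naming the rule to review."""
    return Counter((r["role"], r["subject"], r["object"]) for r in records)

def hidden_ancestors(policy_text, path):
    """List objects in a subject block that are parents of path and carry mode h."""
    found = []
    for line in policy_text.splitlines():
        parts = line.split()
        if len(parts) == 2 and parts[0].startswith("/") and "h" in parts[1]:
            obj = parts[0].rstrip("/") or "/"
            if obj == "/" or path.startswith(obj + "/"):
                found.append(obj)
    return found

# First line is the message from the post; the other two are constructed.
SAMPLE_LOG = [
    "grsec: (root:U:/usr/sbin/cron) denied access to hidden file /dev/log by /usr/sbin/cron[cron:23451] uid/euid:0/0 gid/egid:0/0, parent /usr/sbin/cron[cron:27441] uid/euid:0/0 gid/egid:0/0",
    "Feb 28 06:25:01 host kernel: grsec: (root:U:/usr/sbin/cron) denied access to hidden file /dev/log by /usr/sbin/cron[cron:24002] uid/euid:0/0 gid/egid:0/0, parent /usr/sbin/cron[cron:27441] uid/euid:0/0 gid/egid:0/0",
    "Feb 28 06:25:01 host cron[24002]: (root) CMD (run-parts /etc/cron.daily)",
]
# Objects taken from the subject block in the post (subset).
POLICY = "/ h\n/bin h\n/dev h\n/dev/log rw\n/etc r\n/var h\n/var/spool/cron/crontabs r\n/root"

if __name__ == "__main__":
    for key, n in summarize(parse_denials(SAMPLE_LOG)).items():
        print(n, key, "hidden parents:", hidden_ancestors(POLICY, key[2]))
```

The script only reports which rules sit above the denied path; it does not model how the RBAC system resolves overlapping objects.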