grsecurity forums


https://forums.grsecurity.net./

learning mode for directories

https://forums.grsecurity.net./viewtopic.php?f=3&t=171

Page 1 of 1

learning mode for directories

PostPosted: Tue Oct 01, 2002 10:38 pm
by dontask87
hi again, was trying to use learning mode to capture everything done by applications under a certain directory. To be specific I was trying to watch all executables under /etc/rc.d/init.d during a shutdown. It appears that you can only enable learning mode one application at a time and not for a directory acl entry. An error or warning message telling me i was using learning mode incorrectly would have helped. Having said that, perhaps it's an expensive error to test for.

Anyway, i'm still having fun locking my machine down and really just wanted to say thanks for the effort you've put into Grsecurity.

Now, anyone know where i can find a decent hacker to check my work so far :wink:

PostPosted: Wed Oct 02, 2002 1:47 pm
by spender
you can use learning mode on a directory. You were probably just having problems using it with /etc/rc.d/init.d, because shell scripts are difficult to create ACLs for...very little work is actually done by the script itself.

-Brad
All times are UTC - 5 hours [ DST ]
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/