privileged user

Posted: Sat Oct 04, 2008 7:38 am
by remote
Hello, thanks for the great projects. I am using linux-2.6.24.5 with the latest grsec patches + latest gradm2. I am very new to grsecurity ...
Is it possible to have CONFIG_GRKERNSEC_PROC_USER (Restrict /proc to user only) enabled, and have some special GID, so that users who are members of that GID would be able to see all processes (ps, top), and also read /var/log/utmp (w)?

As I thought, I can define that GID with GRKERNSEC_PROC_GID (GID for special group), but there is no help for this option (so the meaning of this option is not completely clear),
but I tried this case, and it did not work as I expected.

I had a grsec-enabled kernel + enabled RBAC system. I created a local group with gid 1001 and added a user (an LDAP one) to it, so 'id' showed me that this user is a member of the grsec(1001) group. Then I thought this user would be able to see processes of other users, but it was not able to see anything except its own proc.
So, can you please explain to me what is wrong?

Re: privileged user

Posted: Sat Oct 04, 2008 10:25 am
by remote
Sorry, it really works. I just disabled CONFIG_GRKERNSEC_PROC_USER (Restrict /proc to user only) in the kernel, and now only users with GID 1001 can see processes and utmp.
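
The outcome of this thread as a checkable script, added here as an example that is not part of either post and is not grsecurity code: it classifies the /proc restriction mode from a kernel config file and reports whether a non-root user with a given set of GIDs can list other users' processes. It assumes CONFIG_GRKERNSEC_PROC_USERGROUP is the option that enables the special-group mode (the thread names only PROC_USER and PROC_GID); the function names and both sample configs are constructed.

```shell
#!/bin/sh
# Added example, not grsecurity code.
# Assumption: CONFIG_GRKERNSEC_PROC_USERGROUP enables the special-group mode;
# the thread itself names only PROC_USER and PROC_GID.

# cfg_get FILE KEY: print the value of CONFIG_<KEY>, empty if it is not set
cfg_get() {
    sed -n "s/^CONFIG_$2=//p" "$1" | tail -n 1
}

# proc_mode FILE: print "user-only", "group:<gid>" or "unrestricted"
proc_mode() {
    if [ "$(cfg_get "$1" GRKERNSEC_PROC_USER)" = "y" ]; then
        # As the first post observed, group membership gives no exception here
        echo "user-only"
    elif [ "$(cfg_get "$1" GRKERNSEC_PROC_USERGROUP)" = "y" ]; then
        echo "group:$(cfg_get "$1" GRKERNSEC_PROC_GID)"
    else
        echo "unrestricted"
    fi
}

# can_see_all FILE "GID GID ...": succeed if a non-root user holding these
# GIDs can list other users' processes under that config
can_see_all() {
    mode=$(proc_mode "$1")
    case "$mode" in
        unrestricted) return 0 ;;
        user-only)    return 1 ;;
        group:*)
            want=${mode#group:}
            for g in $2; do
                [ "$g" = "$want" ] && return 0
            done
            return 1 ;;
    esac
}

# Constructed sample configs: the first post's setup, then the second post's fix
SAMPLES=$(mktemp -d)
printf '%s\n' 'CONFIG_GRKERNSEC_PROC_USER=y' 'CONFIG_GRKERNSEC_PROC_GID=1001' \
    > "$SAMPLES/before.config"
printf '%s\n' '# CONFIG_GRKERNSEC_PROC_USER is not set' \
    'CONFIG_GRKERNSEC_PROC_USERGROUP=y' 'CONFIG_GRKERNSEC_PROC_GID=1001' \
    > "$SAMPLES/after.config"

for c in before after; do
    if can_see_all "$SAMPLES/$c.config" "100 1001"; then r=yes; else r=no; fi
    echo "$c: mode=$(proc_mode "$SAMPLES/$c.config") gid-1001-member-sees-all=$r"
done
```

On a real system, pass the running kernel's config file and the output of `id -G` for the account being checked.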