grsecurity forums


https://forums.grsecurity.net./

ACL Problem regarding RES_*

https://forums.grsecurity.net./viewtopic.php?f=3&t=210

Page 1 of 1

ACL Problem regarding RES_*

PostPosted: Sat Nov 09, 2002 11:09 pm
by Sharky
Hey people, I am facing a problem with ACl.
EVER SINE i upgraded to grsecurity CVS version , WhenEVer a process is in learning mode, the RES_* values are always left to 0.
For example
/home/main/apache/bin/httpd o {
/home/main/apache/bin/httpd x
/ h
-CAP_ALL
RES_FSIZE 0 0
RES_DATA 0 0
RES_STACK 0 0
RES_RSS 0 100
RES_NPROC 0 0
RES_NOFILE 0 0
RES_MEMLOCK 0 0
RES_AS 0 0
RES_LOCKS 0 0

connect {
disabled
}

bind {
disabled
}

}
After learning more

The new path and libraries are Displayed HOWEVER the RES_ values are always 0, while before it used to limit the process to a certain Fsize/Memlock etc.
any one knows why?

PostPosted: Sun Nov 10, 2002 7:53 pm
by spender
are you using the current gradm as well? It's working fine for me.

/home/spender/test o {
/lib/libc-2.3.1.so rx
/lib/ld-2.3.1.so x
/etc/ld.so.cache rx
/home/spender/test x
/ h
-CAP_ALL
RES_CPU 0 0
RES_FSIZE 0 0
RES_CORE 0 0
RES_NPROC 0 0
RES_NOFILE 8 8
RES_AS 2961696 2961696
}



-Brad

PostPosted: Sun Nov 10, 2002 11:26 pm
by Sharky
gradm -version
gradm v1.5
yes Thats the latest gradm m cVS
i think its now working spender, it took a quite time for that process ( Psybnc) but now the values are set
thanks alot :)
All times are UTC - 5 hours [ DST ]
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/