grsecurity forums


https://forums.grsecurity.net./

Learning with partial restrictions?

https://forums.grsecurity.net./viewtopic.php?f=3&t=2900

Page 1 of 1

Learning with partial restrictions?

PostPosted: Wed Nov 16, 2011 5:17 am
by Undine
Hello,
It is possible to have subject in policy with enabled learning mode for it and this subject will unable to use network completely (bind and connect disabled)?
Thanks.

Re: Learning with partial restrictions?

PostPosted: Wed Nov 16, 2011 11:19 am
by spender
It's not possible within RBAC to partially restrict a subject under learning. There exist netfilter modules to deny traffic in/out of specific processes though.

-Brad

Re: Learning with partial restrictions?

PostPosted: Thu Nov 17, 2011 10:41 pm
by Undine
Ok. And similar question: there is role with enabled learning. Will existing subjects for that role (specified after role definition) still work, or they will be ignored?
Thanks.

Re: Learning with partial restrictions?

PostPosted: Thu Nov 17, 2011 10:59 pm
by spender
They'll be ignored. The role-based learning performs full learning on a single role -- it decides what subjects need to be created.

-Brad

Re: Learning with partial restrictions?

PostPosted: Fri Nov 18, 2011 5:49 am
by Undine
Okay, got it now. Thanks!
All times are UTC - 5 hours [ DST ]
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/