ACL problems
Posted: Fri Apr 12, 2002 8:51 am
Hi,
I am new to both grsecurity and linux, so please forgive any stupid mistakes.
I have compiled kernel version 2.4.18 with grsecurity 1.9.4, with most of the grsecurity options turned on.
I wrote a couple of very simple test programs so that I could become more familiar with the ACL system, but they both produce a Segmentation fault when the ACL stuff is turned on.
I have included what I hope is all the relevant info below.
Thanks,
Eoghan
My ACL files are as follows:
file.acl
/home/edoyle/dev/grsec/test.txt hrwx
proc.acl
/home/edoyle/dev/grsec/test1 {
/etc/ld.so.conf r
/etc/ld.so.preload r
/lib/i686/libc.so.6 r
/lib/ld-linux.so.2 r
/home/edoyle/dev/grsec/test.txt f
}
/home/edoyle/dev/grsec/test1 {
/etc/ld.so.conf r
/etc/ld.so.preload r
/lib/i686/libc.so.6 r
/lib/ld-linux.so.2 r
/home/edoyle/dev/grsec/test.txt f
}
The programs are:
test1.c
#include <stdio.h>
int main ()
{
FILE *f = fopen ( "test.txt", "w" );
char str[] = "This is a test.\n";
if ( !f )
{
printf ( "Failed to open file!\n" );
}
else
{
fwrite ( str, strlen ( str ), 1, f );
}
return 0;
}
test2.c
#include <stdio.h>
int main ()
{
FILE *f = fopen ( "test.txt", "r" );
char str[] = "This is a test.\n";
if ( !f )
{
printf ( "Failed to open file!\n" );
}
else
{
fread ( str, strlen ( str ), 1, f );
printf ( str );
}
return 0;
}
I am new to both grsecurity and linux, so please forgive any stupid mistakes.
I have compiled kernel version 2.4.18 with grsecurity 1.9.4, with most of the grsecurity options turned on.
I wrote a couple of very simple test programs so that I could become more familiar with the ACL system, but they both produce a Segmentation fault when the ACL stuff is turned on.
I have included what I hope is all the relevant info below.
Thanks,
Eoghan
My ACL files are as follows:
file.acl
/home/edoyle/dev/grsec/test.txt hrwx
proc.acl
/home/edoyle/dev/grsec/test1 {
/etc/ld.so.conf r
/etc/ld.so.preload r
/lib/i686/libc.so.6 r
/lib/ld-linux.so.2 r
/home/edoyle/dev/grsec/test.txt f
}
/home/edoyle/dev/grsec/test1 {
/etc/ld.so.conf r
/etc/ld.so.preload r
/lib/i686/libc.so.6 r
/lib/ld-linux.so.2 r
/home/edoyle/dev/grsec/test.txt f
}
The programs are:
test1.c
#include <stdio.h>
int main ()
{
FILE *f = fopen ( "test.txt", "w" );
char str[] = "This is a test.\n";
if ( !f )
{
printf ( "Failed to open file!\n" );
}
else
{
fwrite ( str, strlen ( str ), 1, f );
}
return 0;
}
test2.c
#include <stdio.h>
int main ()
{
FILE *f = fopen ( "test.txt", "r" );
char str[] = "This is a test.\n";
if ( !f )
{
printf ( "Failed to open file!\n" );
}
else
{
fread ( str, strlen ( str ), 1, f );
printf ( str );
}
return 0;
}