grsecurity forums


https://forums.grsecurity.net./

denied kernel module auto-load

https://forums.grsecurity.net./viewtopic.php?f=3&t=4492

Page 1 of 1

denied kernel module auto-load

PostPosted: Mon Jun 13, 2016 6:53 pm
by fred9
Hi,

I get the following error message every few seconds in my syslog and was wondering how to get rid of it:

grsec: denied kernel module auto-load of ansi_cprng by uid 1000
grsec: denied kernel module auto-load of drbg by uid 1000


I am running archlinux with the grsec kernel

Re: denied kernel module auto-load

PostPosted: Mon Jun 13, 2016 7:12 pm
by spender
First ensure these are legitimate requests. If they're caused by one of your apps using the kernel's crypto API, the way to solve it is easy. Simply add:

modprobe ansi_cprng
modprobe drbg

to some init script, or otherwise force the loading of those modules as root during boot. Grsecurity's MOD_HARDEN feature prevents the runtime auto-loading of modules by unprivileged users for security reasons.

-Brad

Re: denied kernel module auto-load

PostPosted: Wed Jun 15, 2016 9:18 am
by fred9
How do I find out what process requested those modules?
All times are UTC - 5 hours [ DST ]
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/