Only enable ACL's inside chrooted environment?

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.

Only enable ACL's inside chrooted environment?

Postby sychan » Fri Apr 16, 2004 5:52 pm

Is it possible to only enable ACL protection inside a chrooted processes environment?

Off the top of my head it seems you could just define a "wide open" ACL from root, and then define the restricted ACL's starting at the chroot directory and then more ACL's on the binaries inside the chrooted environment.

Are there any glaringly obvious flaws to doing it that way?

Thanks.
sychan
 
Posts: 2
Joined: Tue Jul 22, 2003 8:37 pm

Return to grsecurity support