grsecurity forums

Skip to content

symlink handling in grsecurity?

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.
Topic locked

symlink handling in grsecurity?

Postby cmouse » Mon Mar 01, 2004 6:13 pm

I have this following ACL rule:

/usr/sbin/exim {
...
...
/dev/log rw
...
...
/usr/bin/spamc rxi
...
}

I also have a symlink from /usr/bin/sendmail -> /usr/sbin/exim.
BUT I get the following whine in my syslog anyways:

grsec: denied connect to the unix domain socket /dev/log by (spamc:8239) UID(42) EUID(42), parent (sendmail:21067) UID(42) EUID(42)

Now afaik this should not be possible... or am I mistaking?
cmouse
 
Posts: 98
Joined: Tue Dec 17, 2002 10:58 am
Top

Postby spender » Wed Mar 03, 2004 11:04 am

it depends on how spamc is executed. Most likely what is happening is that exim is calling some shell which then calls spamc, so you'd need to add the inherit flag to that shell also.

-Brad
spender
 
Posts: 2185
Joined: Wed Feb 20, 2002 8:00 pm
Top
Topic locked

Return to grsecurity support

Powered by phpBB® Forum Software © phpBB Group