allow special gid viewing /proc

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.

allow special gid viewing /proc

Postby dontcare » Wed Apr 28, 2004 5:08 pm

I dont know where is the problem... kernel 2.6.5 + grsec-2.0-2.6.5 on PLD Linux

there is special group with id 501

from
/proc/config.gz

---------------------------
[..]
# Filesystem Protections
#
CONFIG_GRKERNSEC_PROC=y
CONFIG_GRKERNSEC_PROC_USER=y
CONFIG_GRKERNSEC_PROC_USERGROUP=y
CONFIG_GRKERNSEC_PROC_GID=501
CONFIG_GRKERNSEC_PROC_ADD=y
[..]
---------------------------

also:
$ cat /etc/group |grep 501
proces:x:501:auth,tada

and... user tada can't see not own processes...
why?
im using grsec for 2.4.26 machine... all is working fine...
please help, what i should to check.
dontcare
 
Posts: 1
Joined: Wed Apr 28, 2004 4:48 pm

Return to grsecurity support