taking feature requests

Discuss and suggest new grsecurity features

Postby `VL » Fri May 06, 2005 3:31 am

D O C U M E N T A T I O N!

you should be able to say : Go away! RTFM!!
`VL
 
Posts: 28
Joined: Wed Feb 23, 2005 2:11 pm

Postby std0ut » Tue May 10, 2005 9:26 am

`VL wrote:D O C U M E N T A T I O N!

you should be able to say : Go away! RTFM!!


Indeed.
std0ut
 
Posts: 4
Joined: Mon May 09, 2005 2:05 am

read only bind mounts

Postby androsyn » Fri May 13, 2005 11:25 pm

It can be somewhat useful if the mount --bind option would honor the read only flag. This makes life a little easier for some applications you want to chroot() but don't have on the same filesystem.

-Aaron
androsyn
 
Posts: 10
Joined: Mon Jun 28, 2004 9:02 am

Postby spender » Sat May 14, 2005 10:29 pm

Regarding documentation, I've set up a wiki on the main page that everyone is free to contribute to. I'll edit the content to ensure it's accurate. To set up an account to edit pages, simply log in with your desired username/password.

-Brad
spender
 
Posts: 2185
Joined: Wed Feb 20, 2002 8:00 pm

Thanks Brad!

Postby linuxuser » Sun May 15, 2005 2:06 pm

Thanks for setting up the wiki, I'm sure the extra help will be appreciated. :-)
linuxuser
 
Posts: 16
Joined: Wed May 11, 2005 4:59 pm

Re: MD5 check on binaries?

Postby tuxq » Fri Jul 29, 2005 8:44 am

blueberry wrote:Could we get MD5 sums on selected sensitive binaries (suid/sgid f.ex.)
that were checked against a central db before execution?

That way we could get rid of trojans and rootkits alike... Seen it done
in a couple of firewalls on Win.

-blue


Are you referring to something such as Tripwire?
Since Tripwire is somewhat old and a pain in the ass [for the most part], I'd like to see this as well. Maybe implemented as a sysctl configurable feature?
tuxq
 
Posts: 34
Joined: Sun Mar 06, 2005 5:59 am

Previous

Return to grsecurity development