Hey people, I am facing a problem with ACl.
EVER SINE i upgraded to grsecurity CVS version , WhenEVer a process is in learning mode, the RES_* values are always left to 0.
For example
/home/main/apache/bin/httpd o {
/home/main/apache/bin/httpd x
/ h
-CAP_ALL
RES_FSIZE 0 0
RES_DATA 0 0
RES_STACK 0 0
RES_RSS 0 100
RES_NPROC 0 0
RES_NOFILE 0 0
RES_MEMLOCK 0 0
RES_AS 0 0
RES_LOCKS 0 0
connect {
disabled
}
bind {
disabled
}
}
After learning more
The new path and libraries are Displayed HOWEVER the RES_ values are always 0, while before it used to limit the process to a certain Fsize/Memlock etc.
any one knows why?
ACL Problem regarding RES_*
3 posts
• Page 1 of 1
ACL Problem regarding RES_*
by Sharky » Sat Nov 09, 2002 11:09 pm
- Sharky
- Posts: 43
- Joined: Fri Nov 01, 2002 10:12 pm
by spender » Sun Nov 10, 2002 7:53 pm
are you using the current gradm as well? It's working fine for me.
/home/spender/test o {
/lib/libc-2.3.1.so rx
/lib/ld-2.3.1.so x
/etc/ld.so.cache rx
/home/spender/test x
/ h
-CAP_ALL
RES_CPU 0 0
RES_FSIZE 0 0
RES_CORE 0 0
RES_NPROC 0 0
RES_NOFILE 8 8
RES_AS 2961696 2961696
}
-Brad
/home/spender/test o {
/lib/libc-2.3.1.so rx
/lib/ld-2.3.1.so x
/etc/ld.so.cache rx
/home/spender/test x
/ h
-CAP_ALL
RES_CPU 0 0
RES_FSIZE 0 0
RES_CORE 0 0
RES_NPROC 0 0
RES_NOFILE 8 8
RES_AS 2961696 2961696
}
-Brad
- spender
- Posts: 2185
- Joined: Wed Feb 20, 2002 8:00 pm
3 posts
• Page 1 of 1