LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 09-25-2002, 05:42 PM   #1
tarballedtux
Member
 
Registered: Aug 2001
Location: Off the coast of Madadascar
Posts: 498

Rep: Reputation: 30
grsecurity post-kernel configs


OK, I compiled lq3 nicely with alot of grsec stuff. Now in /proc/sys/kernel/grsecurity/ I have stuff like tpe,and audit* files. During the kernel config I selected the default GIDs is there a way to change it? Without recompiling.

About the other options, like altered pings and rand_pids. How can I tell if there working?


--tarballedtux

Last edited by tarballedtux; 09-25-2002 at 05:51 PM.
 
Old 09-25-2002, 06:42 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,005
Blog Entries: 54

Rep: Reputation: 2763Reputation: 2763Reputation: 2763Reputation: 2763Reputation: 2763Reputation: 2763Reputation: 2763Reputation: 2763Reputation: 2763Reputation: 2763Reputation: 2763
Excellent!
If you selected grsec to have sysctl support, yes:
either by echoing like: "echo (var) > /proc/sys/kernel/grsecurity/grsec_lock" or use a config file:
sysctl -e -p /location/sysctl.grsec.conf
If you try to vary /proc settings it comes in handy to have separate sysctl.conf's. Note if you tried the first example and echoed a "1" it would freeze grsec settings untill reboot.
Note 2 if you want to try the ACL system you need gradm from grsecurity.net.
 
Old 09-25-2002, 07:04 PM   #3
tarballedtux
Member
 
Registered: Aug 2001
Location: Off the coast of Madadascar
Posts: 498

Original Poster
Rep: Reputation: 30
Question

Hmm, what exactly do you mean. I know all I have to do is echo a non-zero value into the grsec-sysctl file. But did you mean that for the audit_* files I could echo in a GUID to activate it and specify the GUID I want to audit?

-tarballedtux
 
Old 09-25-2002, 07:30 PM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,005
Blog Entries: 54

Rep: Reputation: 2763Reputation: 2763Reputation: 2763Reputation: 2763Reputation: 2763Reputation: 2763Reputation: 2763Reputation: 2763Reputation: 2763Reputation: 2763Reputation: 2763
Yes, you can echo the GID into audit_gid (as for any ^*_gid), the other ^audit_* entries only hold binary values.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
[ Debian + kernel 2.6.7 + grsecurity + ATI drivers ] Panquekas Linux - Software 0 07-23-2004 07:13 PM
will grsecurity kernel 2.6.5 patch work against 2.6.7? TheOneAndOnlySM Linux - Security 3 07-12-2004 06:27 PM
post kernel compile stuf? e1000 Slackware 8 12-13-2003 09:18 AM
INFO: creating a special secured kernel (grsecurity kernel patch) w sysctl config markus1982 Linux - Security 0 05-25-2003 05:29 AM
Saved kernel configs under different names? JoeLinux Linux - Newbie 1 04-28-2002 06:26 PM


All times are GMT -5. The time now is 04:48 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration