1 |
On пн, 2004-06-21 at 02:29, Peter Simons wrote: |
2 |
> The problem is definitely not related to PaX. It comes down |
3 |
> to the fact that suddenly setuid binaries no longer work, |
4 |
> and then I get lots of "permission denied". It occurs |
5 |
> generally with the hardened-dev-sources -- even when I |
6 |
> compile the kernel without PaX, SELinux, and GrSecurity. I |
7 |
> have reproduced this on two machines. |
8 |
> |
9 |
> I have no idea where it comes from, and unfortunately I need |
10 |
> these machines to work ... so I can't test much. :-( |
11 |
> |
12 |
> Peter |
13 |
> |
14 |
> |
15 |
> -- |
16 |
> gentoo-hardened@g.o mailing list |
17 |
> |
18 |
Hi Peter, |
19 |
I'm working with hardened-dev-sources-2.6.5-r5, compiled with quite full |
20 |
PaX (ref. quickstart-guide), using grsecurity, also quite to the max |
21 |
(ref.quickstart-guide) and have a working X (statically compiled and w/o |
22 |
3D) but working, for some 3-4 days, still no problems. |
23 |
Beside SELinux, grsecurity there is also another hardened project: |
24 |
RSBAC, it also has PaX and RSBAC (framework like SELinux) and much more |
25 |
powerfull then grsec-ACL. Seems that PaX is working on all three of them |
26 |
(not sure about SELinux). |
27 |
PS: you could see the docs on grsecurity.net site if interested see ref. |
28 |
In my opinion grsec&PaX is easiest to install and use. |
29 |
Rumen |