| 1 |
On пн, 2004-06-21 at 02:29, Peter Simons wrote: |
| 2 |
> The problem is definitely not related to PaX. It comes down |
| 3 |
> to the fact that suddenly setuid binaries no longer work, |
| 4 |
> and then I get lots of "permission denied". It occurs |
| 5 |
> generally with the hardened-dev-sources -- even when I |
| 6 |
> compile the kernel without PaX, SELinux, and GrSecurity. I |
| 7 |
> have reproduced this on two machines. |
| 8 |
> |
| 9 |
> I have no idea where it comes from, and unfortunately I need |
| 10 |
> these machines to work ... so I can't test much. :-( |
| 11 |
> |
| 12 |
> Peter |
| 13 |
> |
| 14 |
> |
| 15 |
> -- |
| 16 |
> gentoo-hardened@g.o mailing list |
| 17 |
> |
| 18 |
Hi Peter, |
| 19 |
I'm working with hardened-dev-sources-2.6.5-r5, compiled with quite full |
| 20 |
PaX (ref. quickstart-guide), using grsecurity, also quite to the max |
| 21 |
(ref.quickstart-guide) and have a working X (statically compiled and w/o |
| 22 |
3D) but working, for some 3-4 days, still no problems. |
| 23 |
Beside SELinux, grsecurity there is also another hardened project: |
| 24 |
RSBAC, it also has PaX and RSBAC (framework like SELinux) and much more |
| 25 |
powerfull then grsec-ACL. Seems that PaX is working on all three of them |
| 26 |
(not sure about SELinux). |
| 27 |
PS: you could see the docs on grsecurity.net site if interested see ref. |
| 28 |
In my opinion grsec&PaX is easiest to install and use. |
| 29 |
Rumen |
Archives