1 |
On Sat, 2004-01-24 at 16:12, source wrote: |
2 |
> Hello all, |
3 |
> |
4 |
> I'm new to grsecurity and surpised about 2 things. |
5 |
> First, why starts the init script (/etc/init.d/grsecurity) only the sysctl-stuff and not the ACLs (gradm -E)? |
6 |
> And seconds, why are the default ACLs in gentoo so strict, that a basic system won't shutdown normaly? |
7 |
|
8 |
Simple.. I don't feel it's the place of the distribution to enable your |
9 |
policy for you. Gentoo will give you some basic templates to use but for |
10 |
grsecurity to be effective for your needs you need to enable leaning |
11 |
mode on some subjects and develop your own policy that works good for |
12 |
you. |
13 |
|
14 |
In addition we want to leave this choice up to you to decide if you even |
15 |
want to use ACL's in the first place and if you do then chances are you |
16 |
will want to add the (gradm -E) in your /etc/init.d/local.start vs the |
17 |
grsec init/conf script handles your sysctl settings. |
18 |
|
19 |
> by, source |
20 |
> |
21 |
> -- |
22 |
|
23 |
-- |
24 |
|
25 |
Ned Ludd <solar@g.o> |
26 |
|
27 |
Gentoo Linux Developer |