diff options
| author | Natanael Copa <ncopa@alpinelinux.org> | 2010-12-07 14:18:13 +0000 |
|---|---|---|
| committer | Natanael Copa <ncopa@alpinelinux.org> | 2010-12-07 14:18:13 +0000 |
| commit | b868fd504bdc0d6abede6b4ca4892405d9810560 (patch) | |
| tree | 41e2151bc60da11a87d39698fafb42f086d1d629 | |
| parent | 5d11ca20ed78fe4cf148648fd444beb45c2cbb58 (diff) | |
| download | aports-b868fd504bdc0d6abede6b4ca4892405d9810560.tar.bz2 aports-b868fd504bdc0d6abede6b4ca4892405d9810560.tar.xz | |
main/linux-grsec: enable grsecurity proc usergroup
All users in group number 700 will be able to see all process info,
network related stuff and kernel symbols.
ref #490
| -rw-r--r-- | main/linux-grsec/APKBUILD | 6 | ||||
| -rw-r--r-- | main/linux-grsec/kernelconfig.x86 | 8 | ||||
| -rw-r--r-- | main/linux-grsec/kernelconfig.x86_64 | 4 |
3 files changed, 11 insertions, 7 deletions
diff --git a/main/linux-grsec/APKBUILD b/main/linux-grsec/APKBUILD index dc29df286f..285cfb6e50 100644 --- a/main/linux-grsec/APKBUILD +++ b/main/linux-grsec/APKBUILD @@ -4,7 +4,7 @@ _flavor=grsec pkgname=linux-${_flavor} pkgver=2.6.35.9 _kernver=2.6.35 -pkgrel=0 +pkgrel=1 pkgdesc="Linux kernel with grsecurity" url=http://grsecurity.net depends="mkinitfs linux-firmware" @@ -151,5 +151,5 @@ ea7a7eb2775b71ae5ef24d029a4905bd xfrm-fix-gre-key-endianess.patch 0ccecafd4123dcad0b0cd7787553d734 r8169-fix-rx-checksum-offload.patch 139b39da44ecb577275be53d7d365949 r8169-add-gro-support.patch 8c224ba0cdf0aa572c7eb50379435be4 setlocalversion.patch -16d6b950b8c8d9c9e6b43eb76cd090f4 kernelconfig.x86 -df042faf6a936aaec13baf2c28ec6e36 kernelconfig.x86_64" +a5645eb215e97aece3c7f6ddfa54f8a7 kernelconfig.x86 +05b5aa2868b2e322e01f054a6a8431f1 kernelconfig.x86_64" diff --git a/main/linux-grsec/kernelconfig.x86 b/main/linux-grsec/kernelconfig.x86 index 750db81bb5..fd2f6ae82b 100644 --- a/main/linux-grsec/kernelconfig.x86 +++ b/main/linux-grsec/kernelconfig.x86 @@ -1,7 +1,7 @@ # # Automatically generated make config: don't edit -# Linux kernel version: 2.6.35.7 -# Wed Oct 27 08:38:30 2010 +# Linux kernel version: 2.6.35.9 +# Tue Dec 7 13:46:27 2010 # # CONFIG_64BIT is not set CONFIG_X86_32=y @@ -4714,7 +4714,9 @@ CONFIG_GRKERNSEC_ACL_TIMEOUT=30 # Filesystem Protections # CONFIG_GRKERNSEC_PROC=y -CONFIG_GRKERNSEC_PROC_USER=y +# CONFIG_GRKERNSEC_PROC_USER is not set +CONFIG_GRKERNSEC_PROC_USERGROUP=y +CONFIG_GRKERNSEC_PROC_GID=700 CONFIG_GRKERNSEC_PROC_ADD=y CONFIG_GRKERNSEC_LINK=y CONFIG_GRKERNSEC_FIFO=y diff --git a/main/linux-grsec/kernelconfig.x86_64 b/main/linux-grsec/kernelconfig.x86_64 index eb3a78f3e9..96724cd7d4 100644 --- a/main/linux-grsec/kernelconfig.x86_64 +++ b/main/linux-grsec/kernelconfig.x86_64 @@ -4504,7 +4504,9 @@ CONFIG_GRKERNSEC_ACL_TIMEOUT=30 # Filesystem Protections # CONFIG_GRKERNSEC_PROC=y -CONFIG_GRKERNSEC_PROC_USER=y +# CONFIG_GRKERNSEC_PROC_USER is not set +CONFIG_GRKERNSEC_PROC_USERGROUP=y +CONFIG_GRKERNSEC_PROC_GID=700 CONFIG_GRKERNSEC_PROC_ADD=y CONFIG_GRKERNSEC_LINK=y CONFIG_GRKERNSEC_FIFO=y |