Security Basics mailing list archives
Re: Mandrake Linux grsecurity question
From: Pierre BETOUIN <info16 () ifrance com>
Date: Thu, 13 Nov 2003 21:47:28 +0100
It's just the result of grsecurity configuration. To confirme that, check, using make menuconfig, your grsec configuration. In fact, grsec can be used to restrict actions (mounting, attaching process with ptrace, etc...), and especially for a special group (the "untrusted group"). Change it and recompile your kernel, or change your user's group. You can also use ACL to fix a more secure policy (http://www.grsecurity.org). I think you're running the "kernel-secure" under mandrake. Pierre Le mer 12/11/2003 à 10:17, Lars Westergren a écrit :
Hi, A basic security question here, please be kind. :-) I have some problems with grsec and Mandrake 9.1. I downloaded Eclipse the IDE, and installed it in my home directory. I ran it as root to see that everything worked (it did), and then started configuring the system for more users. I chowned the whole Eclipse directory to a group I made for the programmers, and gave just about all permissions to User and Group with chmod. However, I can still only run the program as root. Whenever I try to run it as another user, I get "Permission denied" in bash and the following message in the system log: kernel: grsec: denied exec of ./eclipse by (bash:29587) UID(501) EUID(501), parent (bash:24566) UID(501) EUID(501) reason: untrusted I have tried to lower my Mandrake msec persmissons temporarily from Higher to Poor, but I still get permission denied. Even if I put Eclipse in my home directory, change all permissions to me and give all rights to all users recursively for all files. I have looked around a lot on Google. So far, I have found a handful of other people asking this same question in different forums (Always Mandrake 9.1 users in High security mode that I can see, though with other programs that they try to run), but none of them recieve any answers. The documentation for msec from Mandrake is very sparse, they usually just say "use the drakperm tools to fine tune msec", but they don't say how. Looking up grsecurity manuals, they usually begin with "Edit your Acess Control List permissions in the directory /etc/grsec by..." but I don't have that directory, nor can I find it or anything relating to grsec anywhere on the machine, except in the log. What to do? Have I missed something very basic with file permissions in Linux, does it have anything to do with PAM, or is there a bug that came when I downloaded all the Mandrake security patches? I guess I could compile my own kernel for the first time and make sure that grsec is out, but if there is any easier and safer solution...? I would be very grateful for any help. Thanks, Lars --------------------------------------------------------------------------- Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE The Presidio integrates PGP data encryption and XML Web Services security to simplify the management and deployment of PGP and reduce overall PGP costs by up to 80%. FREE WHITEPAPER & 30 Day Trial - http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 ---------------------------------------------------------------------------- _____________________________________________________________________ Envie de discuter en "live" avec vos amis ? Tlcharger MSN Messenger http://www.ifrance.com/_reloc/m la 1re messagerie instantane de France
-- Pierre BETOUIN http://securitech.homeunix.org http://www.challenge-securitech.com GnuPG key : lynx -dump securitech.homeunix.org/pbetouin.asc | gpg --import
Attachment:
signature.asc
Description: Ceci est une partie de message numériquement signée
Current thread:
- Mandrake Linux grsecurity question Lars Westergren (Nov 13)
- Re: Mandrake Linux grsecurity question Pierre BETOUIN (Nov 14)