Oden Eriksson kirjoitti viestissään (lähetysaika Torstai 18 Syyskuu 2003 11:57): > torsdagen den 18 september 2003 10.43 skrev Thomas Backlund: > > Oden Eriksson kirjoitti viestissään (lähetysaika Torstai 18 Syyskuu 2003 > > > > 03:52): > > > Hi. > > > > > > Why: > > > > > > #%doc gradm-ACL/debian_secure_acls gradm-ACL/gentoo_secure_acls > > > > > > ? > > > > Argh... > > I forgot to remove the # :-( > > > > But actually they are now incomplete, since they describe > > the 1.9 series MAC (Mandatory Access Control) > > > > while the 2.0 series uses RBAC (Role Based Access Control), > > Aha, I haven't followed this since back then, nice to see you picked it up. > I tried it briefly at home but it segfaulted, maybe because I was not > running the proper kernel at the time? >
well the kernel patch and the gradm both needs to be the same version... or they will most likely not work... since they interact... > > I did plan to test and correct them before I add them to the i586 > > package, so I left them only in the SRPM... > > but since current kernel-secure is broken, I need to fix that one > > first... > > > > I hope to solve both today... > > Ohh, a lot of work there... > Yeah... > BTW. is the sysctl stuff fixed now or is still on by default in the secure > kernel? Well..., maybe a stupid question..., otherwise we wouldn't have to > see the secure kernel package I guess... According to the current grsec code it checks for every option in sysctl, and if they are not disabled, or if they does not exist at all in sysctl, the rules will be active (according to the way the kernel is compiled) -- Regards Thomas
