> > >
> > > I just want to verify if there is anyone here who also suffers this and
> > > what are the proper/needed steps to avoid this? (it's really painful to
> > > have to remember this and do a gradm -D each time)
> > >
> >
> > If you have the sshd flag marked as protected
>
> Huh. Please elaborate. I'm new to using a hardened kernel/toolchain etc.
> (but not new to gentoo)
>

http://grsecurity.net/gracldoc.htm

From the sample policy file that ships with grsec,

# the d flag protects /proc fd and mem entries for sshd
# all daemons should have 'p' in their subject mode to prevent
# an attacker from killing the service (and restarting it with trojaned
# config file or taking the port it reserved to run a trojaned service)
subject /usr/sbin/sshd dpo

>
> I get it. I didn't try to see if SSHD was still running. I'll give it
> another go when I get a chance.
>

Thanks,
Andrew Griffiths
