[rsbac] RSBAC+GRSecurity
Павел Петлинский
golem13 at mail.ru
Mon Aug 8 13:42:57 CEST 2005
I try to patch 2.6 kernel.
And I need from GRSsec patch just some options - net fixing, chroot, logging, without RBAC.
Why I try to do this? - in documnts author say, that RSBAC compatibel with GRSec, so i try =)
-----Original Message-----
From: Bencsath Boldizsar <boldi at datacontact.hu>
To: RSBAC Discussion and Announcements <rsbac at rsbac.org>
Date: Sun, 7 Aug 2005 11:32:34 +0200 (CEST)
Subject: Re: [rsbac] RSBAC+GRSecurity
>
>
> Hello Golem,
> Yes, It's not the best option to patch a kernel with both security
> patches, as it can rise problems. Practically, I used to make such
> multi-patched kernel. The method is already described in this thread:
> first I patch a vanilla kernel with one system (eg. rsbac) then with the
> other (eg. grsec) then manually fix all rejected patches, finally at
> compile time I fix (sometimes, eg. socket.c) the remaining problems.
> Of course, I cannot be confident about the second patch, Yes, it can
> happen, that some parts go to the wrong place in the kernel, but unless
> You really use eg. MAC in both packages this won't hurt too much. (Or, I
> can say, no such "big" error occoured up to now.)
> My rsbac+grsec+openswan+tproxy patched kernels are downloadable at
> http://www.boldi.hu/programs/rsbac/
> (latest is 2.4.29, now I just try to make a 2.4.32, but I have some
> problems...)
> boldizsar
>
> --------------------------------
> Bencsath Boldizsar
> --------------------------------
>
> On Sun, 7 Aug 2005, ????? ?????????? wrote:
>
>
More information about the rsbac
mailing list