Sorry to bother you again, I was running my grsec in learn mode against newest cvs and there is an "s" object flag which i assume is the new 'suppress' functionality.
It seems to be replacing where there would normally be "h" flags on directory objects.
It is getting added to a ton of lines now when it wasnt a before 2 days ago.
/sbin/shutdown o {
/var/run/utmp rws
/var/run/shutdown.pid ws
/var/run s
/usr/share/zoneinfo/US/Central rs
/sbin/init xs
/proc/5911/fd/0 s
/proc/5911 s
/proc/32585/fd/0 s
/proc/32585 s
/proc/18190/fd/0 s
/proc/18190 s
/lib/libnss_compat-2.2.5.so rxs
/lib/libnsl-2.2.5.so rxs
/lib/libc-2.2.5.so rxs
/lib/ld-2.2.5.so xs
/etc/passwd rs
/etc/nsswitch.conf rs
/etc/ld.so.cache rs
/etc s
/dev/pts/1 ws
/dev/pts/0 ws
/sbin/shutdown xs
/ s
-CAP_ALL
+CAP_DAC_OVERRIDE
+CAP_SETUID
connect {
disabled
}
bind {
disabled
}
}
Can I have a little info on what this thing is supposed to do and if its acting properly at this time?
Thanks
-TGK
undocumented object flag / strange learning behavior
2 posts
• Page 1 of 1
undocumented object flag / strange learning behavior
by TGKx » Sun Feb 23, 2003 4:57 am
- TGKx
- Posts: 50
- Joined: Wed Feb 19, 2003 4:39 am
2 posts
• Page 1 of 1