/dev/log problem

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.

Post by axehind » Wed Nov 05, 2003 11:18 am

I'm having trouble with a program running under grsecurity (2). I keep getting this in the logs:

Oct 23 16:11:22 cgi kernel: grsec: denied connect to the unix domain socket /dev/log by /usr/bin/logger[logger:30572] uid/euid:500/500 gid/egid:15000/15000, parent /usr/local/sbin/mailer.pl[sendmail:20769] uid/euid:500/500 gid/egid:15000/15000

So I made a subject
subject /usr/bin/logger ol
/ h

And then ran gradm.

gradm -L /etc/grsec/learning.logs -E

and took this out of the results I got

subject /usr/bin/logger o {
/ h
/dev h
/dev/log rw
/etc h
/etc/ld.so.cache r
/etc/localtime r
/lib h
/lib/ld-2.3.2.so x
/lib/libc-2.3.2.so rx
/usr h
/usr/share/zoneinfo/US/Eastern r
-CAP_ALL
bind disabled
connect disabled
}

The thing is, even after loading with this in the ACL, I still get the same error in the logs. What am I doing wrong?

axehind
Posts: 13
Joined: Mon Jul 01, 2002 1:32 pm

Post by spender » Wed Nov 05, 2003 4:30 pm

I've heard a couple similar reports. I'll look into it as soon as I can. Right now I'm still working on porting grsecurity 2 to 2.6 (though I'm almost done). If it's possible, could you try a similar configuration with 1.9 and see if that has the same problem?

-Brad
spender
 
Posts: 2185
Joined: Wed Feb 20, 2002 8:00 pm
