And i'm appreciate that debian has much done on acl's (Thanks to debian)
But i have some trouble:
Feb 27 10:37:05 server kernel: grsec: attempted socket(2,2,0) by (saslauthd:17086) UID(0) EUID(0), parent (saslauthd:3856) UID(0) EUID(0)
For example that message.
And i have this acl:
/usr/sbin/saslauthd {
/dev/log w
/tmp rw
/var/tmp rw
-CAP_ALL
+CAP_DAC_OVERRIDE
+CAP_DAC_READ_SEARCH
connect {
disabled
}
bind {
disabled
}
}
What do i forgot ?
(Sorry for my bad english)