grsecurity forums


http://forums.grsecurity.net/

denied access to hidden /dev/grsec by mdadm : udev leaks it

http://forums.grsecurity.net/viewtopic.php?f=5&t=3202

Page 1 of 1

denied access to hidden /dev/grsec by mdadm : udev leaks it

PostPosted: Thu Dec 27, 2012 10:51 am
by bearclaw
Hi.

I have in my logs

grsec: From <>: (default:D:/sbin/mdadm) denied access to hidden file /dev/mem by /sbin/mdadm[mdadm:1168] uid/euid:0/0 gid/egid:0/0, parent /usr/bin/strace[strace:1167] uid/euid:0/0 gid/egid:0/0
grsec: From <>: (default:D:/sbin/mdadm) denied access to hidden file /dev/grsec by /sbin/mdadm[mdadm:1168] uid/euid:0/0 gid/egid:0/0, parent /usr/bin/strace[strace:1167] uid/euid:0/0 gid/egid:0/0


Although /dev/grsec has the hidden object mode.

This is caused by udev leaking grsec's existance through a symlink in /dev/.udev/db/mem:grsec

Same thing happens with /dev/mem.

Just wanted to let you know.
All times are UTC - 5 hours [ DST ]
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/