Page 1 of 1

ACLs for grsecurity 2

PostPosted: Sun Mar 14, 2004 3:06 pm
by hightower
Hi all,

anyone wants to share his/her grsec 2 acl set?
I am new to grsecurity 2 and much has changed, there is still no documentation so maybe someone has a working ACL set for grsec2, maybe for debian with normal services running.

Thanks in advance.

ciao, Marc

PostPosted: Mon Apr 05, 2004 5:59 am
by sekko
Hi!
I have 3 servers with GRSEC-2 and ACL system. It's working fine, so I can share them with no problems. I run them all on Debian 3.0, so you'll need to adjust some points, of course...

Claudio

PostPosted: Fri Apr 16, 2004 2:58 pm
by andy00
please share: andy00@go.ro
and it will be better to have a GRSEC-2 acl for boot progams, and default ones, i mean: agetty, login, bash, pam, syslog-ng,openssh, sshd, init...
just the bare minimum to allow one to login locally or through ssh

PostPosted: Sat Apr 17, 2004 7:14 am
by hightower
sekko wrote:Hi!
I have 3 servers with GRSEC-2 and ACL system. It's working fine, so I can share them with no problems. I run them all on Debian 3.0, so you'll need to adjust some points, of course...


cool. Please share them with me :) m.c.p at wolk-project.de

ciao, Marc

PostPosted: Sat Apr 17, 2004 3:16 pm
by CHTEKK
I would also be very intersted! :D Please share with:
chtekk A T longitekk D O T com
Many TNX!

CHTEKK

PostPosted: Sun Apr 18, 2004 1:54 am
by sig
sekko wrote:Hi!
I have 3 servers with GRSEC-2 and ACL system. It's working fine, so I can share them with no problems. I run them all on Debian 3.0, so you'll need to adjust some points, of course...

Claudio


Would it be possible to to share those ACLs publicly? So you wouldn't have to personally reply to everyone interested in them.

PostPosted: Sun Apr 18, 2004 6:24 am
by sekko
Hey, I didn't think that all these people would be interested in it! ;-)
Maybe it's better to share it on my www pages. I'll do it next week, since I'm just preparing one more server with grsec-2 and it's actually learning, maybe till monday. ACL are for debian 3.0 and debian-testing (aka `Sarge`), and they are absolutely _not_ minimal (between 1500 and 3500 lines each one). Just gimme the time to prepare this new server and clean-up a little.

Bye, Claudio

PostPosted: Sun Apr 18, 2004 10:46 am
by CHTEKK
sekko wrote:Hey, I didn't think that all these people would be interested in it! ;-)
Maybe it's better to share it on my www pages. I'll do it next week, since I'm just preparing one more server with grsec-2 and it's actually learning, maybe till monday. ACL are for debian 3.0 and debian-testing (aka `Sarge`), and they are absolutely _not_ minimal (between 1500 and 3500 lines each one). Just gimme the time to prepare this new server and clean-up a little.

Bye, Claudio


OK! Great work! Tnx.

PostPosted: Wed Apr 21, 2004 10:31 am
by sekko
Here we are ;-)

http://people.roma2.infn.it/~claudio/en/grsec

hope to be useful...

Ciao, Claudio