ACLs for grsecurity 2

Submit your RBAC policies or suggest policy improvements

ACLs for grsecurity 2

Postby hightower » Sun Mar 14, 2004 3:06 pm

Hi all,

anyone wants to share his/her grsec 2 acl set?
I am new to grsecurity 2 and much has changed, there is still no documentation so maybe someone has a working ACL set for grsec2, maybe for debian with normal services running.

Thanks in advance.

ciao, Marc
hightower
 
Posts: 49
Joined: Wed Mar 06, 2002 11:36 am

Postby sekko » Mon Apr 05, 2004 5:59 am

Hi!
I have 3 servers with GRSEC-2 and ACL system. It's working fine, so I can share them with no problems. I run them all on Debian 3.0, so you'll need to adjust some points, of course...

Claudio
sekko
 
Posts: 13
Joined: Mon Apr 05, 2004 5:52 am

Postby andy00 » Fri Apr 16, 2004 2:58 pm

please share: andy00@go.ro
and it will be better to have a GRSEC-2 acl for boot progams, and default ones, i mean: agetty, login, bash, pam, syslog-ng,openssh, sshd, init...
just the bare minimum to allow one to login locally or through ssh
andy00
 
Posts: 2
Joined: Fri Apr 16, 2004 2:45 pm

Postby hightower » Sat Apr 17, 2004 7:14 am

sekko wrote:Hi!
I have 3 servers with GRSEC-2 and ACL system. It's working fine, so I can share them with no problems. I run them all on Debian 3.0, so you'll need to adjust some points, of course...


cool. Please share them with me :) m.c.p at wolk-project.de

ciao, Marc
hightower
 
Posts: 49
Joined: Wed Mar 06, 2002 11:36 am

Postby CHTEKK » Sat Apr 17, 2004 3:16 pm

I would also be very intersted! :D Please share with:
chtekk A T longitekk D O T com
Many TNX!

CHTEKK
CHTEKK
 
Posts: 2
Joined: Sat Apr 17, 2004 3:14 pm

Postby sig » Sun Apr 18, 2004 1:54 am

sekko wrote:Hi!
I have 3 servers with GRSEC-2 and ACL system. It's working fine, so I can share them with no problems. I run them all on Debian 3.0, so you'll need to adjust some points, of course...

Claudio


Would it be possible to to share those ACLs publicly? So you wouldn't have to personally reply to everyone interested in them.
sig
 
Posts: 5
Joined: Fri Mar 29, 2002 12:28 pm

Postby sekko » Sun Apr 18, 2004 6:24 am

Hey, I didn't think that all these people would be interested in it! ;-)
Maybe it's better to share it on my www pages. I'll do it next week, since I'm just preparing one more server with grsec-2 and it's actually learning, maybe till monday. ACL are for debian 3.0 and debian-testing (aka `Sarge`), and they are absolutely _not_ minimal (between 1500 and 3500 lines each one). Just gimme the time to prepare this new server and clean-up a little.

Bye, Claudio
sekko
 
Posts: 13
Joined: Mon Apr 05, 2004 5:52 am

Postby CHTEKK » Sun Apr 18, 2004 10:46 am

sekko wrote:Hey, I didn't think that all these people would be interested in it! ;-)
Maybe it's better to share it on my www pages. I'll do it next week, since I'm just preparing one more server with grsec-2 and it's actually learning, maybe till monday. ACL are for debian 3.0 and debian-testing (aka `Sarge`), and they are absolutely _not_ minimal (between 1500 and 3500 lines each one). Just gimme the time to prepare this new server and clean-up a little.

Bye, Claudio


OK! Great work! Tnx.
CHTEKK
 
Posts: 2
Joined: Sat Apr 17, 2004 3:14 pm

Postby sekko » Wed Apr 21, 2004 10:31 am

Here we are ;-)

http://people.roma2.infn.it/~claudio/en/grsec

hope to be useful...

Ciao, Claudio
sekko
 
Posts: 13
Joined: Mon Apr 05, 2004 5:52 am


Return to RBAC policy development

cron