Home page logo
/

basics logo Security Basics mailing list archives

Re: Mandrake Linux grsecurity question
From: Pierre BETOUIN <info16 () ifrance com>
Date: Thu, 13 Nov 2003 21:47:28 +0100

It's just the result of grsecurity configuration.
To confirme that, check, using make menuconfig, your grsec
configuration.

In fact, grsec can be used to restrict actions (mounting, attaching
process with ptrace, etc...), and especially for a special group (the
"untrusted group").

Change it and recompile your kernel, or change your user's group.
You can also use ACL to fix a more secure policy
(http://www.grsecurity.org).

I think you're running the "kernel-secure" under mandrake.

        Pierre

Le mer 12/11/2003 à 10:17, Lars Westergren a écrit :
Hi,

A basic security question here, please be kind.
:-)

I have some problems with grsec and Mandrake 9.1. I downloaded Eclipse the IDE, and installed it in my home 
directory. I ran it as root to see that everything worked (it did), and then started configuring the system for more 
users. I chowned the whole Eclipse directory to a group I made for the programmers, and gave just about all 
permissions to User and Group with chmod.

However, I can still only run the program as root. Whenever I try to run it as another user, I get "Permission 
denied" in bash and the following message in the system log:

kernel: grsec: denied exec of ./eclipse by (bash:29587) UID(501) EUID(501), parent (bash:24566) UID(501) EUID(501) 
reason: untrusted

I have tried to lower my Mandrake msec persmissons temporarily from Higher to Poor, but I still get permission 
denied. Even if I put Eclipse in my home directory, change all permissions to me and give all rights to all users 
recursively for all files.

I have looked around a lot on Google. So far, I have found a handful of other people asking this same question in 
different forums (Always Mandrake 9.1 users in High security mode that I can see, though with other programs that 
they try to run), but none of them recieve any answers.

The documentation for msec from Mandrake is very sparse, they usually just say "use the drakperm tools to fine tune 
msec", but they don't say how. Looking up grsecurity manuals, they usually begin with "Edit your Acess Control List 
permissions in the directory /etc/grsec by..." but I don't have that directory, nor can I find it or anything 
relating to grsec anywhere on the machine, except in the log.


What to do? Have I missed something very basic with file permissions in Linux, does it have anything to do with PAM, 
or is there a bug that came when I downloaded all the Mandrake security patches? I guess I could compile my own 
kernel for the first time and make sure that grsec is out, but if there is any easier and safer solution...? I would 
be very grateful for any help.

Thanks,
Lars


---------------------------------------------------------------------------
Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE
The Presidio integrates PGP data encryption and XML Web Services security to 
simplify the management and deployment of PGP and reduce overall PGP costs 
by up to 80%.
FREE WHITEPAPER & 30 Day Trial - 
http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027
----------------------------------------------------------------------------

_____________________________________________________________________
Envie de discuter en "live" avec vos amis ? Tlcharger MSN Messenger
http://www.ifrance.com/_reloc/m la 1re messagerie instantane de France
-- 
Pierre BETOUIN
        http://securitech.homeunix.org
        http://www.challenge-securitech.com
GnuPG key :
lynx -dump securitech.homeunix.org/pbetouin.asc | gpg --import

Attachment: signature.asc
Description: Ceci est une partie de message numériquement signée


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]