Questions tagged [grsec]
11 questions
2
votes
2 answers
How do I override grsec?
After a reboot recently, I have a pair of servers that are now unable to monitor their disk status. Nagios reports:
HP RAID Array
UNKNOWN Error: No controllers detected. -/-/- (LD : [])
I get the same error running the check manually on the host.…
jldugger
- 14,122
- 19
- 73
- 129
2
votes
2 answers
can not run java inside grsec chroot
java runs well inside common chroot.
however in a grsec hardened chroot it complains it has no enough memory to build VM.
any ideas of how to make it run cause i really need a hardened chroot.
thanks.
San Tiago
- 31
- 3
2
votes
5 answers
controlling a linux box behind a router
I am trying to make it possible to control a shell on a linux box behind a router which is not under my control.
My first idea was to make the client (the box behind the router) to ssh to a server under my control and forward the local ssh port,…
fungusakafungus
- 123
- 5
1
vote
1 answer
Grsecurity: grant user permission to see all processes (Debian Jessie)
When Debian Jessie is compiled with grsecurity, a simple user can't see all processes. Therefore tasks carried out by Sensu client (monitoring and telemetry solution) can't see if another processes (like Apache) exists.
Is there a way to grant the…
Dani
- 511
- 2
- 10
- 21
1
vote
1 answer
How to enable RBAC automatically
I think I'm missing something simple, but every time I try to gradm -E, I'm being asked for a password. How can I enable it automatically after boot? (so that no password is needed)
viraptor
- 1,264
- 6
- 21
- 40
1
vote
0 answers
Segmentation faults in hardened ubuntu
I am running Ubuntu Linux 14.04 webserver and it has grsec patch applied.
Absolutely randomly websites become unaccessible and i seeing segmentation faults in dmesg.
May i temporary or permanently disable grsec to investigate further server's…
Demontager
- 73
- 1
- 2
- 8
1
vote
2 answers
How to block users from seeing others processes?
Generally it's one of the functionalities of (For example) grsecurity - user sees only his own processes, and not all others.
But - I'd prefer to avoid installing grsecurity - perhaps something like this can be done in a simpler way?
I'm using Linux…
user13185
1
vote
2 answers
Linux kernel with grsec + Java / Apache Tomcat
I've got a Debian Linux 64 bit dedicated server. The kernel has the grsec patch applied.
I'm mainly using this server to run Apache Tomcat (6.0.26, Java 6) and everything seems fine.
The only issue, is that when I start Tomcat, I get a few of…
NoozNooz42
- 1,155
- 1
- 8
- 9
0
votes
1 answer
Subversion - changing way of handling hooks
My hosting provider had enabled Trusted Path Execution (Grsec), so all my subversion hooks (for example post-commit) stopped working. Any attempt to commit something ends with warning:
post-commit hook failed (exit code 255) with no output.
I…
Krzysztof Bzowski
- 115
- 4
0
votes
1 answer
GRSEC Not allowing Active FTP on Privileged ports
I've been testing an issue with FTP Active transfers recently and I've narrowed down a problem.
On my GRSEC enabled kernel, FTP Active transfers fail to establish on Privileged ports. Using identical configurations, and binding to a high port, the…
anthonyryan1
- 113
- 4
0
votes
1 answer
grsecurity effieffectiveness test with latest proftpd remote exploit
i just tested grsecurity. i installed debian and a vulnerable version of proftpd. i launched an exploit. worked. patched the latest kernel with grsec. and now the exploit doesnt work anymore. BUT . wouldnt just a the new kernel alone cause the…
baj
- 139
- 2
- 8