New option with grsecurity-3.1-4.4.2-201602182048.patch, you can add:
# Disallow unprivileged use of command injection
kernel.grsecurity.harden_tty = 1
--
Best regards,
HacKurx (Loic)
2016-02-01 16:00 GMT+01:00 HacKurx:
>>> 3] Consider adding in postinst "usermod -aG grsec-tpe root ||true" for
>>> avoid many problems (systemd).
>>
>> That doesn't look like a good idea at first sight. First, I'm unsure if TPE
>> restriction
without RBAC), this file indicate the grsecurity options which are
deactivated... Practice to try to become root.
3] Consider adding in postinst "usermod -aG grsec-tpe root ||true" for
avoid many problems (systemd).
--
Best regards,
HacKurx (Loic)
2016-02-01 15:32 GMT+01:00 Yves-Alexis Perez <cor...@debian.org>:
> On lun., 2016-02-01 at 15:08 +0100, HacKurx wrote:
>> I just saw the changes in your recent release. I still have a few remarks:
>>
>> 1] Recommendation from compatibility with ubuntu system: Rename
>
Package: linux-grsec-base
Version: 4
Severity: normal
Dear Maintainer,
It lacks some configuration options for sysctl with grsecurity. To know:
kernel.grsecurity.audit_gid
kernel.grsecurity.audit_group
kernel.grsecurity.enforce_symlinksifowner
kernel.grsecurity.symlinkown_gid
I'll send you a
MODE is not set" to ensure that PAX cannot be disabled
in a hardened kernel (Can be possible with Kernel Parameters at
startup.)
2016-01-06 18:36 GMT+01:00 Yves-Alexis Perez <cor...@debian.org>:
> On mer., 2016-01-06 at 13:28 +0100, HacKurx wrote:
>> It lacks some configuration
dit_ptrace
kernel.grsecurity.harden_ptrace
kernel.grsecurity.harden_ipc
kernel.grsecurity.grsec_lock
kernel.grsecurity.romount_protect
kernel.grsecurity.deny_new_usb
"kernel.pax.softmode" is not listed in that.
--
Best regards,
HacKurx (Loic)
blog.opensec.fr
nd one you know:
https://projects.archlinux.org/svntogit/community.git/tree/trunk?h=packages/paxd
For nvidia :
https://aur.archlinux.org/cgit/aur.git/tree/PKGBUILD?h=nvidia-grsec
and to test the set:
https://github.com/slimm609/checksec.sh
--
Best regards,
HacKurx (Loic)
blog.opensec.fr
On Tue, 05 Jan 2016 15:40:50 +0100 Yves-Alexis Perez <cor...@debian.org> wrote:
> On mar., 2016-01-05 at 15:33 +0100, HacKurx wrote:
> > There are 52 variables sysctl with grsecurity but 42 are used in
> > grsec.conf (linux-grsec-base-0.1).
> > To know the list :
&
Hi,
New release of:
_libbluray 0.6.0
_libaacs 0.7.1
_libbdplus 0.1.1
For more information, please look this:
http://www.jbkempf.com/blog/post/2014/Blu-Ray-libraries-update
The RFP for libbdplus will evolve it to debian jessie?
Thanks
--
To UNSUBSCRIBE, email to
Package: libbdplus
Version: 0.1.0
Severity: normal
Dear Maintainer,
libbdplus is a research project to implement the BD+ System Specifications.
This research project provides, through an open-source library, a way to
understand how the BD+ works.
NB: this project doesn't offer any key,
Hi,
The update of vlc, libbluray, libaacs and libbdplus (which is not
available in debian) works fine.
Regards,
Le 2014-02-09 23:02, Sebastian Ramacher a écrit :
Control: tags -1 + moreinfo
On 2012-03-06 20:36:39, HacKurx wrote:
Package: vlc
Version: 2.0.0-6
Severity: normal
Hi
If notice of a systems administrator interests you:
upstart systemd /dev/null
Now please go look OpenRC:
http://en.wikipedia.org/wiki/OpenRC
I put the link to wikipedia :)
Lightweight, easily editable and portable. What more?
Best regards,
--
To UNSUBSCRIBE, email to
tests should be ignored
for PPC64)
* added 32/64bit target support
* added shellode.h to easily support additional architectures
* made paxctl generate the PT_PAX_FLAGS header for binaries that
didn't have one
Thank you for your work,
Best regards,
HacKurx
www.hackurx.info
-- System
Hi,
sorry for my late reply.
An update grub has corrected the problem.
Note that windows 8 install AHCI does not seem to be able to boot in
IDE mode thereafter.
Best regards
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble?
regards,
HacKurx
www.hackurx.info
-- Package-specific info:
*** BEGIN /proc/mounts
/dev/disk/by-uuid/14414f4c-ac17-4ab4-b916-3341cf4136b6 / ext4
rw,noatime,errors=remount-ro,data=ordered 0 0
/dev/sda7 /home ext4 rw,relatime,data=ordered 0 0
/dev/sda5 /tmp ext4 rw,nosuid,nodev
regards
HacKurx
-- System Information:
Debian Release: wheezy/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 3.2.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Hello,
I encountered the same problem with debian wheezy, I solved it by
installing the package xserver-xorg-video-nouveau_1.0.1-1 of debian
sid.
Please made a request to use this version in debian wheezy.
Thanks for your work in Debian.
Best regards,
HacKurx
www.hackurx.info
Thank you very much for your work :)
Best regards,
HacKurx
Le 17 mars 2012 09:08, Rémi Denis-Courmont r...@remlab.net a écrit :
reassign 662850 libbluray1
thanks
Hello,
Le mardi 6 mars 2012 21:36:39 HacKurx, vous avez écrit :
Package: vlc
Version: 2.0.0-6
Severity: normal
Hi
Package: vlc
Version: 2.0.0-6
Severity: normal
Hi,
The option open blu-ray in vlc 2.0 not running :
bluray:///dev/dvd
but it works in command line:
vlc bluray:///media/FASTER
Thanks.
-- System Information:
Debian Release: wheezy/sid
APT prefers testing
APT policy: (500, 'testing')
Package: gufw
Version: 9.10.2-1
Severity: normal
Hi,
GUFW in debian squeeze ot run because he configure to use gksu.
The solution is run GUFW :
su-to-root -X -c gufw
Best regards.
-- System Information:
Debian Release: 6.0.3
APT prefers stable-updates
APT policy: (990, 'stable-updates'),
The new version of the driver (Linux 3.1)
/sbin/modinfo r8169
filename: /lib/modules/3.1.0-2-generic/kernel/drivers/net/r8169.ko
firmware: rtl_nic/rtl8105e-1.fw
firmware: rtl_nic/rtl8168e-3.fw
firmware: rtl_nic/rtl8168e-2.fw
firmware: rtl_nic/rtl8168e-1.fw
firmware:
The R8169 driver in kernel 3.1 fixes the problem :
https://bugs.launchpad.net/bugs/839393
Thanks
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
I use Debian Squeeze 6.0.3, my kernel is :
Linux SRV-01 2.6.32-5-amd64 #1 SMP Mon Oct 3 03:59:20 UTC 2011 x86_64 GNU/Linux
Currently I'm using the r8168 driver. I tested the new driver r8169
compiling a kernel 3.1rc4 and everything works perfectly:
Unfortunately it has not changed much, the connection was not stable :
Debian 6.0.2
/sbin/modinfo r8169
filename: /lib/modules/2.6.32-5-amd64/kernel/drivers/net/r8169.ko
firmware: rtl_nic/rtl8168d-2.fw
firmware: rtl_nic/rtl8168d-1.fw
version:2.3LK-NAPI
Here is what I have done to correct my problem :
apt-get install make linux-headers-2.6-amd64
wget http://r8168.googlecode.com/files/r8168-8.025.00.tar.bz2
tar -xvf r8168-8.025.00.tar.bz2
cd r8168-8.025.00
./autorun.sh
rmmod r8169
modprobe r8168
vim /etc/modprobe.d/blacklist.conf
blacklist r8169
Hi,
Thank you for your work in debian,
So normally this will fix the problem I had in several distributions?
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/839393
Best regards,
HacKurx
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject
27 matches
Mail list logo