For those following along at home, I would suggest booting the grsec
enabled kernel once - then saving the output of `sudo lsmod` into a
file. Take every module you want (ie: all of them) and put the list
into /etc/initramfs-tools/modules - then you'll need to run
`dpkg-reconfigure
On 12/21/15, Mickaël Salaün <m...@digikod.net> wrote:
> On 21/12/2015 00:14, Jacob Appelbaum wrote:
>> I was left with:
>>
>> [ 1802.373906] grsec: denied untrusted exec (due to not being in
>> trusted group and file in non-root-owned directory) of
>> /run/
I'm also running this kernel with AppArmor and it seems to work without issue.
I followed the steps on https://wiki.debian.org/AppArmor/HowToUse
which sets "apparmor=1 security=apparmor" on the kernel command line
as documented:
sudo perl -pi -e
To make my Debian Jessie system work with pax, I had to set pax flags
for these three binaries:
paxctl -c -m /usr/bin/gnome-shell
paxctl -c -m /usr/bin/gnome-session
paxctl -c -m /usr/bin/pulseaudio
If you don't want to modify the binary, you can also set the
attributes in the file system:
It may make sense for us to have a package of paxrat with common
configurations for Debian users:
https://github.com/subgraph/paxrat
This would ensure that everyone can use this kernel and have xorg work
as expected, for example.
Otherwise, I think we will see a lot of people who just run:
On 12/19/15, Yves-Alexis Perez wrote:
> On jeu., 2015-11-05 at 22:08 +0100, Yves-Alexis Perez wrote:
>> On sam., 2015-10-10 at 21:55 +0200, Yves-Alexis Perez wrote:
>> > This is really a work in progress and this mail a request for comment.
>> > Especially missing is:
>>
>> So,
On 12/19/15, Jacob Appelbaum <ja...@appelbaum.net> wrote:
> On 12/19/15, Yves-Alexis Perez <cor...@debian.org> wrote:
>> On jeu., 2015-11-05 at 22:08 +0100, Yves-Alexis Perez wrote:
>>> On sam., 2015-10-10 at 21:55 +0200, Yves-Alexis Perez wrote:
>>&
Package: wnpp
Severity: wishlist
Owner: Jacob Appelbaum ja...@appelbaum.net
* Package name: novena-eeprom
Version : v1.0
Upstream Author : Sean Cross
* URL : https://github.com/xobs/novena-eeprom/
* License : BSD
Programming Lang: C
Description : novena
Package: wnpp
Severity: wishlist
Owner: Jacob Appelbaum ja...@appelbaum.net
* Package name: blockfinder
Version : v1.0
Upstream Author : Jacob Appelbaum
* URL : https://github.com/ioerror/blockfinder/
* License : BSD-2-Clause
Programming Lang: Python
Package: wnpp
Severity: wishlist
Owner: Jacob Appelbaum ja...@appelbaum.net
* Package name: golang-xmpp-dev
Version : 0.0~20140304-1
Upstream Author : Adam Langley a...@imperialviolet.org
* URL : http://www.github.com/agl/xmpp
* License : BSD
Programming Lang
Package: wnpp
Severity: wishlist
Owner: Jacob Appelbaum ja...@appelbaum.net
* Package name: xmpp-client
Version : 0.1~20140304-1
Upstream Author : Adam Langley a...@imperialviolet.org
* URL : http://www.github.com/agl/xmpp
* License : BSD
Programming Lang
Package: wnpp
Severity: wishlist
Owner: Jacob Appelbaum ja...@appelbaum.net
* Package name: liborchid-java
Version : 1.0
Upstream Author : Bruce Leidl br...@subgraph.com
* URL : http://www.subgraph.com/orchid.html
* License : BSD
Programming Lang: Java
I've uploaded a package - including the suggested VCS packaging
details - it is now in the new queue waiting for review by the Great
Debian Packaging Review Overlords:
https://ftp-master.debian.org/new.html
https://ftp-master.debian.org/new/torbirdy_0.1.2-1.html
I've also updated a related
Package: wnpp
Severity: wishlist
Owner: Jacob Appelbaum ja...@appelbaum.net
* Package name: torbrowser-launcher
Version : 0.0.1
Upstream Author : Micah Lee micahf...@riseup.net
* URL : https://github.com/micahflee/torbrowser-launcher
* License : BSD
Package: wnpp
Severity: wishlist
Owner: Jacob Appelbaum ja...@appelbaum.net
* Package name: torbirdy
Version : 0.0.13
Upstream Author : Jacob Appelbaum ja...@appelbaum.net
* URL : https://www.github.com/ioerror/torbirdy
* License : BSD
Programming Lang
Package: wnpp
Severity: wishlist
Owner: Jacob Appelbaum ja...@appelbaum.net
* Package name: tlsdate
Version : 0.0.1
Upstream Author : Jacob Appelbaum ja...@appelbaum.net
* URL : https://www.github.com/ioerror/tlsdate
* License : BSD
Programming Lang: C
Package: wnpp
Severity: wishlist
Owner: Debian Forensics [EMAIL PROTECTED]
* Package name: AESKeyFinder
Version : 1.0.0
* URL : http://citp.princeton.edu/memory/code/
* License : BSD
Programming Lang: C
Description : A tool for finding and repairing AES
Package: wnpp
Severity: wishlist
Owner: Debian Forensics [EMAIL PROTECTED]
* Package name: RSAKeyFinder
Version : 1.0.0
* URL : http://citp.princeton.edu/memory/code/
* License : BSD
Programming Lang: C++
Description : A tool for locating RSA private and
Package: wnpp
Severity: wishlist
Owner: Jacob Appelbaum [EMAIL PROTECTED]
* Package name: biosmemimage
Version : 1.0.0
* URL : http://citp.princeton.edu/memory/code/
* License : BSD
Programming Lang: C
Description : Tools for capturing memory dumps on x86
owner 495422 Debian Forensics [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Package: wnpp
Severity: wishlist
Owner: Jacob Appelbaum [EMAIL PROTECTED]
* Package name: ozymandns
Version : 0.0.1
Upstream Author : Dan Kaminsky [EMAIL PROTECTED]
* URL : http://www.doxpara.com/ozymandns_src_0.1.tgz
* License : (Currently consulting
21 matches
Mail list logo