On 03/10/2015 03:46 PM, Richard Weinberger wrote:
> On 10.03.2015 at 15:38, Toralf Förster wrote:
>> On 03/08/2015 11:44 PM, Richard Weinberger wrote:
>>> Okay. Does it work on a regular host system?
>>> I.e. not broken^Whardened.
>>>
>>> I run x86 UML's very often on x86_64...
>>
>> Ok, I have here just a hardened system, so I'll look for issues related to
>> that.
> 
> It would also help if you could describe in detail what you've hardened. :)
> 
> Thanks,
> //richard
> 
Of course,

so, I installed a hardened 64bit Gentoo [1], configured GRsecurity in the
kernel:

CONFIG_GRKERNSEC=y
CONFIG_GRKERNSEC_CONFIG_AUTO=y
# CONFIG_GRKERNSEC_CONFIG_CUSTOM is not set
# CONFIG_GRKERNSEC_CONFIG_SERVER is not set
CONFIG_GRKERNSEC_CONFIG_DESKTOP=y

and set at boot:
sysctl -w kernel.grsecurity.chroot_deny_chmod=0


Nothing further, no SELinux, RBAC etc.


[1] https://wiki.gentoo.org/wiki/Hardened_Gentoo

-- 
Toralf
pgp key: 7B1A 07F4 EC82 0F90 D4C2  8936 872A E508 0076 E94E


_______________________________________________
User-mode-linux-devel mailing list
User-mode-linux-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel
