Herbert Poetzl wrote:
There are some issues whth usage of ACLs and dropping CAP_SYSADMINThe current vserver+grsecurity is working perfectly well for me on my
systems. I've been using Sandino Araico Sanchez's vserver+grsec
patch and they've been stable as a rock.
as far as I know, a 'working' vserver/grsec combo
was done several times, but not seriously tested,
and as far as I heard, there where some issues ...
Unfortunately I haven't had as much spare time as I need to dig into that issues and it seems quite complex.
nevertheless, if grsec is going to perish, for whatever reason, it might be interesting to absorb those parts useful for linux-vserver into a security branch of linux-vserver ...
(would be 2.6 branch of course)
best, Herbert
_______________________________________________From: Sandino Araico S�nchez <[EMAIL PROTECTED]>
I've just uploaded the patch Vserver 1.27 + GR Security 1.9.14 against
2.4.25 to
http://www.sandino.net/parches/vserver/linux-2.4.25-grsec-1.9.14-vserver-1.>27.patch.gz
-- Luke Computer Science System Administrator Security Administrator,College of Engineering Montana State University-Bozeman,Montana
_______________________________________________
Vserver mailing list
[EMAIL PROTECTED]
http://list.linux-vserver.org/mailman/listinfo/vserver
Vserver mailing list
[EMAIL PROTECTED]
http://list.linux-vserver.org/mailman/listinfo/vserver
-- Sandino Araico S�nchez -- ... there's no spoon ...
_______________________________________________ Vserver mailing list [EMAIL PROTECTED] http://list.linux-vserver.org/mailman/listinfo/vserver
