diff options
Diffstat (limited to '3.0.4/4423_grsec-remove-protected-paths.patch')
-rw-r--r-- | 3.0.4/4423_grsec-remove-protected-paths.patch | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/3.0.4/4423_grsec-remove-protected-paths.patch b/3.0.4/4423_grsec-remove-protected-paths.patch new file mode 100644 index 0000000..da4c861 --- /dev/null +++ b/3.0.4/4423_grsec-remove-protected-paths.patch @@ -0,0 +1,20 @@ +From: Anthony G. Basile <basile@opensource.dyc.edu> + +We don't want to allow GRSEC's Makefile to change permissions on +paths in the filesystem. + +--- a/grsecurity/Makefile 2010-05-21 06:52:24.000000000 -0400 ++++ b/grsecurity/Makefile 2010-05-21 06:54:54.000000000 -0400 +@@ -27,8 +27,8 @@ + ifdef CONFIG_GRKERNSEC_HIDESYM + extra-y := grsec_hidesym.o + $(obj)/grsec_hidesym.o: +- @-chmod -f 500 /boot +- @-chmod -f 500 /lib/modules +- @-chmod -f 700 . +- @echo ' grsec: protected kernel image paths' ++ # @-chmod -f 500 /boot ++ # @-chmod -f 500 /lib/modules ++ # @-chmod -f 700 . ++ # @echo ' grsec: protected kernel image paths' + endif |