[arch-commits] Commit in linux-grsec/trunk (PKGBUILD sysctl.conf)
Daniel Micay
thestinger at nymeria.archlinux.org
Wed Jun 11 05:05:45 UTC 2014
Date: Wednesday, June 11, 2014 @ 07:05:45
Author: thestinger
Revision: 112992
enable chroot_enforce_chdir by default
This does not appear to break any software, so it might as well be enabled.
Modified:
linux-grsec/trunk/PKGBUILD
linux-grsec/trunk/sysctl.conf
-------------+
PKGBUILD | 2 +-
sysctl.conf | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2014-06-10 22:06:14 UTC (rev 112991)
+++ PKGBUILD 2014-06-11 05:05:45 UTC (rev 112992)
@@ -46,7 +46,7 @@
'65d58f63215ee3c5f9c4fc6bce36fc5311a6c7dbdbe1ad29de40647b47ff9c0d'
'cf2e7a2d00787f754028e7459688c2755a406e632ce48b60952fa4ff7ed6f4b7'
'79359454c9d8446eb55add2b1cdbf8332bd67dafb01fefb5b1ca090225f64d18'
- 'e734ac2a6e865b70dbe1e55ce55a5bd1b1e0cedea903c6341b9cfbabe420c763')
+ '1f157837d6bbcb6813e7fd095ed8d088ed104cb029404241bf2a3d7abc629fe8')
_kernelname=${pkgbase#linux}
Modified: sysctl.conf
===================================================================
--- sysctl.conf 2014-06-10 22:06:14 UTC (rev 112991)
+++ sysctl.conf 2014-06-11 05:05:45 UTC (rev 112992)
@@ -57,7 +57,7 @@
#kernel.grsecurity.chroot_deny_shmat = 1
#kernel.grsecurity.chroot_deny_sysctl = 1
#kernel.grsecurity.chroot_deny_unix = 1
-#kernel.grsecurity.chroot_enforce_chdir = 1
+kernel.grsecurity.chroot_enforce_chdir = 1
#kernel.grsecurity.chroot_findtask = 1
#kernel.grsecurity.chroot_restrict_nice = 1
More information about the arch-commits
mailing list