[arch-commits] Commit in linux-grsec/trunk (PKGBUILD sysctl.conf)

Daniel Micay thestinger at nymeria.archlinux.org
Wed Jun 11 05:05:45 UTC 2014


    Date: Wednesday, June 11, 2014 @ 07:05:45
  Author: thestinger
Revision: 112992

enable chroot_enforce_chdir by default

This does not appear to break any software, so it might as well be enabled.

Modified:
  linux-grsec/trunk/PKGBUILD
  linux-grsec/trunk/sysctl.conf

-------------+
 PKGBUILD    |    2 +-
 sysctl.conf |    2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2014-06-10 22:06:14 UTC (rev 112991)
+++ PKGBUILD	2014-06-11 05:05:45 UTC (rev 112992)
@@ -46,7 +46,7 @@
             '65d58f63215ee3c5f9c4fc6bce36fc5311a6c7dbdbe1ad29de40647b47ff9c0d'
             'cf2e7a2d00787f754028e7459688c2755a406e632ce48b60952fa4ff7ed6f4b7'
             '79359454c9d8446eb55add2b1cdbf8332bd67dafb01fefb5b1ca090225f64d18'
-            'e734ac2a6e865b70dbe1e55ce55a5bd1b1e0cedea903c6341b9cfbabe420c763')
+            '1f157837d6bbcb6813e7fd095ed8d088ed104cb029404241bf2a3d7abc629fe8')
 
 _kernelname=${pkgbase#linux}
 

Modified: sysctl.conf
===================================================================
--- sysctl.conf	2014-06-10 22:06:14 UTC (rev 112991)
+++ sysctl.conf	2014-06-11 05:05:45 UTC (rev 112992)
@@ -57,7 +57,7 @@
 #kernel.grsecurity.chroot_deny_shmat = 1
 #kernel.grsecurity.chroot_deny_sysctl = 1
 #kernel.grsecurity.chroot_deny_unix = 1
-#kernel.grsecurity.chroot_enforce_chdir = 1
+kernel.grsecurity.chroot_enforce_chdir = 1
 #kernel.grsecurity.chroot_findtask = 1
 #kernel.grsecurity.chroot_restrict_nice = 1
 




More information about the arch-commits mailing list