[systemd-bugs] [Bug 65575] CONFIG_GRKERNSEC_PROC prevents systemd's active users to have enough permission
bugzilla-daemon at freedesktop.org
bugzilla-daemon at freedesktop.org
Mon Jul 22 07:32:25 PDT 2013
https://bugs.freedesktop.org/show_bug.cgi?id=65575
--- Comment #7 from Agostino Sarubbo <ago at gentoo.org> ---
(In reply to comment #6)
> Could you be a bit more explicit? What is CONFIG_GRKERNSEC_PROC doing and
> why is breaking systemd?
Sure.
You can find the info about grsecurity here http://grsecurity.net/
The explanation of the module is:
If you say Y here, the permissions of the /proc filesystem will be altered to
enhance system security and privacy. You MUST choose either a user only
restriction or a user and group restriction. Depending upon the option you
choose, you can either restrict users to see only the processes they themselves
run, or choose a group that can view all processes and files normally
restricted to root if you choose the "restrict to user only" option. NOTE: If
you're running identd or ntpd as a non-root user, you will have to run it as
the group you specify here.
--
You are receiving this mail because:
You are the QA Contact for the bug.
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/systemd-bugs/attachments/20130722/e59458dd/attachment.html>
More information about the systemd-bugs
mailing list