From: <s-...@rh...> - 2004-01-23 15:40:55
|
On Thu, Jan 22, 2004 at 08:47:12AM -0600, Alex wrote: > Has anyone been able to patch their uml kernel with the grsec patches? > I think it would be really neat to have the grsecurity features inside a > uml. Or is there a good reason why this is not being done? Chroot > enforcements, socket restrictions, and the extra auditing would sure be > nice... > > When I attempt to add the grsec patch, I get a few rejects, mainly mm and > mmprotect stuff. I tried this some time back and I was able to manually > see how things should have been patched, but now I don't and I don't > understand kernel internals very well either. I tried applying grsec to uml too and got the same rejects. I was gonna try and merge them by hand if it isn't too icky when I get some time. If I'm successful I'll post it to the list... |