diff options
Diffstat (limited to '3.4.1/4460-grsec-kconfig-proc-user.patch')
-rw-r--r-- | 3.4.1/4460-grsec-kconfig-proc-user.patch | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/3.4.1/4460-grsec-kconfig-proc-user.patch b/3.4.1/4460-grsec-kconfig-proc-user.patch new file mode 100644 index 0000000..b2b3188 --- /dev/null +++ b/3.4.1/4460-grsec-kconfig-proc-user.patch @@ -0,0 +1,26 @@ +From: Anthony G. Basile <blueness@gentoo.org> + +Address the mutually exclusive options GRKERNSEC_PROC_USER and GRKERNSEC_PROC_USERGROUP +in a different way to avoid bug #366019. This patch should eventually go upstream. + +diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig +--- a/grsecurity/Kconfig 2011-06-29 10:02:56.000000000 -0400 ++++ b/grsecurity/Kconfig 2011-06-29 10:08:07.000000000 -0400 +@@ -680,7 +680,7 @@ + + config GRKERNSEC_PROC_USER + bool "Restrict /proc to user only" +- depends on GRKERNSEC_PROC ++ depends on GRKERNSEC_PROC && !GRKERNSEC_PROC_USERGROUP + help + If you say Y here, non-root users will only be able to view their own + processes, and restricts them from viewing network-related information, +@@ -688,7 +688,7 @@ + + config GRKERNSEC_PROC_USERGROUP + bool "Allow special group" +- depends on GRKERNSEC_PROC && !GRKERNSEC_PROC_USER ++ depends on GRKERNSEC_PROC + help + If you say Y here, you will be able to select a group that will be + able to view all processes and network-related information. If you've |