diff options
author | Anthony G. Basile <blueness@gentoo.org> | 2016-10-11 12:59:38 -0400 |
---|---|---|
committer | Anthony G. Basile <blueness@gentoo.org> | 2016-10-11 12:59:38 -0400 |
commit | e18599fdb6d5103524c963e63a505efea4a5d693 (patch) | |
tree | 04abfadc60d630d1402cd8ed93011071b9b63ea4 /4.7.7/4440_grsec-remove-protected-paths.patch | |
parent | grsecurity-3.1-4.7.6-201609301918 (diff) | |
download | hardened-patchset-e18599fdb6d5103524c963e63a505efea4a5d693.tar.gz hardened-patchset-e18599fdb6d5103524c963e63a505efea4a5d693.tar.bz2 hardened-patchset-e18599fdb6d5103524c963e63a505efea4a5d693.zip |
grsecurity-3.1-4.7.7-20161010190220161010
Diffstat (limited to '4.7.7/4440_grsec-remove-protected-paths.patch')
-rw-r--r-- | 4.7.7/4440_grsec-remove-protected-paths.patch | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/4.7.7/4440_grsec-remove-protected-paths.patch b/4.7.7/4440_grsec-remove-protected-paths.patch new file mode 100644 index 0000000..741546d --- /dev/null +++ b/4.7.7/4440_grsec-remove-protected-paths.patch @@ -0,0 +1,20 @@ +From: Anthony G. Basile <blueness@gentoo.org> + +We don't want GRSEC's Makefile to change permissions on paths in +the filesystem. + +diff -Naur a/grsecurity/Makefile b/grsecurity/Makefile +--- a/grsecurity/Makefile 2011-10-19 20:42:50.000000000 -0400 ++++ b/grsecurity/Makefile 2011-10-19 20:45:08.000000000 -0400 +@@ -44,11 +44,4 @@ + ifdef CONFIG_GRKERNSEC_HIDESYM + extra-y := grsec_hidesym.o + $(obj)/grsec_hidesym.o: +- @-chmod -f 500 /boot +- @-chmod -f 500 /lib/modules +- @-chmod -f 500 /lib64/modules +- @-chmod -f 500 /lib32/modules +- @-chmod -f 700 . +- @-chmod -f 700 $(objtree) +- @echo ' grsec: protected kernel image paths' + endif |