| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <p0624081dc48e6036b8f4@[192.168.168.51]> Date: Mon, 30 Jun 2008 12:04:42 +0200 From: Barbara Picci <barbara.picci@...di.it> To: linux-kernel@...r.kernel.org Subject: Help with Hardening Linux Hi all, I'm a server administrator (Dell PowerEdge). I usually use Debian. Before now I used lcap to disable some capabilities (with success with kernel 2.4). Now I'm configuring some machines with Debian etch and kernel 2.6.25. I enable with makemenuconfig "Enable different security models" >> "Default Linux Capabilities" and my .config is: # # Security options # CONFIG_KEYS=y # CONFIG_KEYS_DEBUG_PROC_KEYS is not set CONFIG_SECURITY=y # CONFIG_SECURITY_NETWORK is not set CONFIG_SECURITY_CAPABILITIES=y # CONFIG_SECURITY_FILE_CAPABILITIES is not set # CONFIG_SECURITY_ROOTPLUG is not set CONFIG_SECURITY_DEFAULT_MMAP_MIN_ADDR=0 I try to install lcap_0.0.6-3.1_i386.deb from packages.debian.org but, if I louch lcap, instead of the list of capabilities, I've: /proc/sys/kernel/cap-bound: No such file or directory I googled on forums, sites, etc. but I can't find a solution. Thanks in advance Barbara Picci -- -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists