diff options
| author |   Anthony G. Basile <blueness@gentoo.org> | 2014-11-23 08:22:19 -0500 |
|---|---|---|
| committer | Anthony G. Basile <blueness@gentoo.org> | 2014-11-23 08:22:19 -0500 |
| commit | 15afc830247f64793abdbf9549d38b2e2e202ea2 (patch) | |
| tree | 7d3a66d42ef5e2ca847938d273f7671d8844a63f /3.14.25/4440_grsec-remove-protected-paths.patch | |
| parent | Grsec/PaX: 3.0-{3.2.64,3.14.24,3.17.2}-201411150027 (diff) | |
| download | hardened-patchset-15afc830247f64793abdbf9549d38b2e2e202ea2.tar.gz hardened-patchset-15afc830247f64793abdbf9549d38b2e2e202ea2.tar.bz2 hardened-patchset-15afc830247f64793abdbf9549d38b2e2e202ea2.zip | |
Grsec/PaX: 3.0-{3.2.64,3.14.25,3.17.4}-201411220955
Diffstat (limited to '3.14.25/4440_grsec-remove-protected-paths.patch')
| -rw-r--r-- | 3.14.25/4440_grsec-remove-protected-paths.patch | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/3.14.25/4440_grsec-remove-protected-paths.patch b/3.14.25/4440_grsec-remove-protected-paths.patch new file mode 100644 index 0000000..741546d --- /dev/null +++ b/3.14.25/4440_grsec-remove-protected-paths.patch @@ -0,0 +1,20 @@ +From: Anthony G. Basile <blueness@gentoo.org> + +We don't want GRSEC's Makefile to change permissions on paths in +the filesystem. + +diff -Naur a/grsecurity/Makefile b/grsecurity/Makefile +--- a/grsecurity/Makefile 2011-10-19 20:42:50.000000000 -0400 ++++ b/grsecurity/Makefile 2011-10-19 20:45:08.000000000 -0400 +@@ -44,11 +44,4 @@ + ifdef CONFIG_GRKERNSEC_HIDESYM + extra-y := grsec_hidesym.o + $(obj)/grsec_hidesym.o: +- @-chmod -f 500 /boot +- @-chmod -f 500 /lib/modules +- @-chmod -f 500 /lib64/modules +- @-chmod -f 500 /lib32/modules +- @-chmod -f 700 . +- @-chmod -f 700 $(objtree) +- @echo ' grsec: protected kernel image paths' + endif |