kernel: Disable some chroot hardening options.

author Michael Tremer <michael.tremer@ipfire.org>

Sat, 20 Oct 2012 10:06:32 +0000 (10:06 +0000)

committer Michael Tremer <michael.tremer@ipfire.org>

Sat, 20 Oct 2012 10:06:32 +0000 (10:06 +0000)
author Michael Tremer <michael.tremer@ipfire.org>
Sat, 20 Oct 2012 10:06:32 +0000 (10:06 +0000)
committer Michael Tremer <michael.tremer@ipfire.org>
Sat, 20 Oct 2012 10:06:32 +0000 (10:06 +0000)
diff --git a/kernel/config-generic b/kernel/config-generic

index a2b2e3bff11a7cf4a0174e255a81194ca50f3014..30271fee2d2296397208604fd42dc15efd585e2e 100644 (file)
--- a/kernel/config-generic
+++ b/kernel/config-generic
@@ -4107,9 +4107,9 @@ CONFIG_GRKERNSEC_CHROOT_MOUNT=y
  CONFIG_GRKERNSEC_CHROOT_DOUBLE=y
  CONFIG_GRKERNSEC_CHROOT_PIVOT=y
  CONFIG_GRKERNSEC_CHROOT_CHDIR=y
-CONFIG_GRKERNSEC_CHROOT_CHMOD=y
+# CONFIG_GRKERNSEC_CHROOT_CHMOD is not set
  CONFIG_GRKERNSEC_CHROOT_FCHDIR=y
-CONFIG_GRKERNSEC_CHROOT_MKNOD=y
+# CONFIG_GRKERNSEC_CHROOT_MKNOD is not set
  CONFIG_GRKERNSEC_CHROOT_SHMAT=y
  CONFIG_GRKERNSEC_CHROOT_UNIX=y
  CONFIG_GRKERNSEC_CHROOT_FINDTASK=y
diff --git a/kernel/kernel.nm b/kernel/kernel.nm

index 5ff9ba3955c4b3eeec39e01f20370e9f57f15089..37b56582693ac172ef7f3d565232ba4d27f10395 100644 (file)
--- a/kernel/kernel.nm
+++ b/kernel/kernel.nm
@@ -5,7 +5,7 @@
  
  name       = kernel
  version    = 3.5.3
-release    = 0.1
+release    = 0.2
  thisapp    = linux-%{version}
  
  maintainer = Michael Tremer <michael.tremer@ipfire.org>
author	Michael Tremer <michael.tremer@ipfire.org>
	Sat, 20 Oct 2012 10:06:32 +0000 (10:06 +0000)
committer	Michael Tremer <michael.tremer@ipfire.org>
	Sat, 20 Oct 2012 10:06:32 +0000 (10:06 +0000)
kernel/config-generic		patch \| blob \| blame \| history
kernel/kernel.nm		patch \| blob \| blame \| history