* 2.5.43 hangs silently on boot
@ 2002-10-16 13:28 Robinson Maureira Castillo
2002-10-16 14:08 ` Linux Security Protection System Bosko Radivojevic
0 siblings, 1 reply; 4+ messages in thread
From: Robinson Maureira Castillo @ 2002-10-16 13:28 UTC (permalink / raw)
To: linux-kernel
Hi all,
trying to boot 2.5.43 it always hangs silently in the same task (loading
keys), I'm using RedHat 8.0. When I press CRTL+Scroll Lock it always shows
the same (copied by hand)
S17keytable T CB6F06A0 0 480 479 (L-TLB)
Call Trace:
[<c0121426>] do_exit+0x256/0x2b0
[<c01214b3>] sys_exit+0x13/0x20
[<c01094fb>] syscall_call+0x7/0xb
If I then press crtl-alt-supr it shows me task 'shutdown' and the last
line of call trace is the same as above.
Any clues of what is happening?
Config file:
http://alumno.inacap.cl/~rmaureira/config-2.5.43
lspci -vx:
http://alumno.inacap.cl/~rmaureira/lspci-vx
Best Regards
--
Robinson Maureira Castillo
Asesor DAI
INACAP
^ permalink raw reply [flat|nested] 4+ messages in thread
* Linux Security Protection System
2002-10-16 13:28 2.5.43 hangs silently on boot Robinson Maureira Castillo
@ 2002-10-16 14:08 ` Bosko Radivojevic
2002-10-18 12:47 ` Jakob Oestergaard
2002-10-20 14:14 ` Pavel Machek
0 siblings, 2 replies; 4+ messages in thread
From: Bosko Radivojevic @ 2002-10-16 14:08 UTC (permalink / raw)
To: linux-kernel
LinSec team is proud to announce first stable release of LinSec.
LinSec, as the name says, is Linux Security Protection System. The main aim
of LinSec is to introduce Mandatory Access Control (MAC) mechanism into
Linux (as opposed to existing Discretionary Access Control mechanism).
LinSec model is based on:
* Capabilities
* Filesystem Access Domains
* IP Labeling Lists
* Socket Access Control
As for Capabilities, LinSec heavily extends the Linux native capability
model to allow fine grained delegation of individual capabilities to both
users and programs on the system. No more allmighty root!
Filesystem Access Domain subsystem allows restriction of accessible
filesystem parts for both individual users and programs. Now you can
restrict user activities to only its home, mailbox etc. Filesystem Access
Domains works on device, dir and individual file granularity.
IP Labeling lists enable restriction on allowed network connections on per
program basis. From now on, you may configure your policy so that no one
except your favorite MTA can connect to remote port 25
Socket Access Control model enables fine grained socket access control by
associating, with each socket, a set of capabilities required for a local
process to connect to the socket.
LinSec consists of two parts: kernel patch (currently for 2.4.18) and
userspace tools.
Detailed documentation, download & mailing list information -
http://www.linsec.org
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Linux Security Protection System
2002-10-16 14:08 ` Linux Security Protection System Bosko Radivojevic
@ 2002-10-18 12:47 ` Jakob Oestergaard
2002-10-20 14:14 ` Pavel Machek
1 sibling, 0 replies; 4+ messages in thread
From: Jakob Oestergaard @ 2002-10-18 12:47 UTC (permalink / raw)
To: Bosko Radivojevic; +Cc: linux-kernel
On Wed, Oct 16, 2002 at 04:08:54PM +0200, Bosko Radivojevic wrote:
> LinSec team is proud to announce first stable release of LinSec.
>
> LinSec, as the name says, is Linux Security Protection System. The main aim
> of LinSec is to introduce Mandatory Access Control (MAC) mechanism into
> Linux (as opposed to existing Discretionary Access Control mechanism).
> LinSec model is based on:
>
> * Capabilities
> * Filesystem Access Domains
> * IP Labeling Lists
> * Socket Access Control
Can you describe, shortly, how LinSec is different from SELinux ?
I didn't see a FAQ on your web site.
--
................................................................
: jakob@unthought.net : And I see the elder races, :
:.........................: putrid forms of man :
: Jakob Østergaard : See him rise and claim the earth, :
: OZ9ABN : his downfall is at hand. :
:.........................:............{Konkhra}...............:
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Linux Security Protection System
2002-10-16 14:08 ` Linux Security Protection System Bosko Radivojevic
2002-10-18 12:47 ` Jakob Oestergaard
@ 2002-10-20 14:14 ` Pavel Machek
1 sibling, 0 replies; 4+ messages in thread
From: Pavel Machek @ 2002-10-20 14:14 UTC (permalink / raw)
To: Bosko Radivojevic; +Cc: linux-kernel
Hi!
> Filesystem Access Domain subsystem allows restriction of accessible
> filesystem parts for both individual users and programs. Now you can
> restrict user activities to only its home, mailbox etc. Filesystem Access
> Domains works on device, dir and individual file granularity.
>
> IP Labeling lists enable restriction on allowed network connections on per
> program basis. From now on, you may configure your policy so that no one
> except your favorite MTA can connect to remote port 25
How do you handle ptrace()? Per-program security seems -- quite
strange to me. Either you completely disallow ptrace(), or I can not
seee how per-program security can be usefull...
Pavel
--
Worst form of spam? Adding advertisment signatures ala sourceforge.net.
What goes next? Inserting advertisment *into* email?
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2002-10-26 10:23 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2002-10-16 13:28 2.5.43 hangs silently on boot Robinson Maureira Castillo
2002-10-16 14:08 ` Linux Security Protection System Bosko Radivojevic
2002-10-18 12:47 ` Jakob Oestergaard
2002-10-20 14:14 ` Pavel Machek
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.