Re: Securing Fedora Core 4

From: AragonX (aragonx_at_dcsnow.com)
Date: 09/23/05

  • Next message: Cocobu: "Re: Securing Fedora Core 4" 
    Date: Fri, 23 Sep 2005 15:48:23 -0400 (EDT)
To: "Cocobu" <cocobu@mail.pf>

    <quote who="Cocobu">
    > A good idea is patching the kernel with grsecurity
    > (http://www.grsecurity.net/)
    >
    > Just my 2 cent.

    That's the 2nd time I've heard that package suggested. I checked out the
    web site and it looks very powerful. How easy is it to configure and
    understand?

    My major problem with SELinux was that it was so complex, I couldn't see
    everything it was doing easily. That made it a not so good security tool
    for me because I just had to trust that it was doing the right job and
    doing it well...

  • Next message: Cocobu: "Re: Securing Fedora Core 4"

    Relevant Pages

    • [Full-Disclosure] Re: Buffer overflow prevention
      ... >> that may need executable stack). ... >> need to be compiled into anything but the kernel. ... the GRsec patch is a single option in the kernel ... way grsecurity gets a little to restrictive with things like restericting ...
      (Full-Disclosure)
    • [Full-Disclosure] [grsec] grsecurity 2.1.0 release / 5 Linux kernel advisories
      ... grsecurity 2.1.0 release / Linux Kernel advisories ... Linux Kernel advisory introduction ... vulnerabilities is a privilege, and when that privilege is abused by not ...
      (Full-Disclosure)
    • Re: Grsecurity is about to be discontinued...
      ... These days people out there are running closed-source adobe flash plugin ... Grsecurity proved itself as a viable, ... can be learned from those "monkeys" on how to think secure. ... If those guys want to get code into the mainline kernel then the path for that is the same as for anybody else: concrete, step-by-step improvements that do not duplicate functionality that is already present in the kernel, actually belong in the kernel as opposed to userspace, and do not create an undue maintenance burden. ...
      (Linux-Kernel)
    • Re: Why is Fedora not a Free GNU/Linux distributions?
      ... The below quote or mail nowhere has a blanket statement saying binary modules are not derivative works as you claim. ... kernel services by normal system calls - this is merely considered ... there really is no exception. ...
      (Fedora)
    • Grsecurity is about to be discontinued, unless...
      ... grsecurity has been available for the Linux kernel since a while. ... According to their developers, ...
      (Linux-Kernel)