Home > Links

Homepage of the PaX team

PaX provides the implementation of non-executable pages and randomization features on i386, alpha, parisc, sparc, sparc64, powerpc, amd64, and ia64 that is included in grsecurity. You will need to download chpax from here to turn on/off these protections on a per-binary basis (ie, for XFree86)

PaX documentation

Extensive documentation on the design and implementation of all of the features of PaX

Hardened Gentoo

Hardened Gentoo is a project which oversees the research, implementation, and maintainence of security oriented projects for Gentoo Linux. It includes grsecurity/PaX and is one of the few distributions shipping PIE binaries, adding to the effectiveness of PaX.

Linux kernel patch from the Openwall Project

Patches for Linux 2.0/2.2/2.4 that provide among a few other features: symlink, hardlink, and fifo restrictions, which grsecurity has integrated. The kernel patch from the Openwall Project provides a non-executable stack, while grsecurity uses PaX for a full non-executable implementation on user and kernel pages.

HAP-Linux Patches

Additions to the Openwall Project's Linux kernel patch for Linux 2.0/2.2 that provided the basis for several of the chroot restrictions present in grsecurity.