Home > Links
PaX provides the implementation of non-executable pages and randomization features on i386, alpha, parisc, sparc, sparc64, powerpc, amd64, and ia64 that is included in grsecurity. You will need to download chpax from here to turn on/off these protections on a per-binary basis (ie, for XFree86)
Extensive documentation on the design and implementation of all of the features of PaX
Hardened Gentoo is a project which oversees the research, implementation, and maintainence of security oriented projects for Gentoo Linux. It includes grsecurity/PaX and is one of the few distributions shipping PIE binaries, adding to the effectiveness of PaX.
Patches for Linux 2.0/2.2/2.4 that provide among a few other features: symlink, hardlink, and fifo restrictions, which grsecurity has integrated. The kernel patch from the Openwall Project provides a non-executable stack, while grsecurity uses PaX for a full non-executable implementation on user and kernel pages.
Additions to the Openwall Project's Linux kernel patch for Linux 2.0/2.2 that provided the basis for several of the chroot restrictions present in grsecurity.