Home > Papers
"Which is better, grsecurity or SELinux?"
We often see the above question asked and have provided an official response here.
Official grsecurity statement regarding LSM
It's often asked why grsecurity is not implemented within the LSM framework. We have provided an official response and include a link to the RSBAC project's similar response to LSM.
SSTIC 2016 Keynote
This keynote gave a recap of our work in grsecurity and PaX since the PaX Team's 2012 SSTIC keynote. It also includes a "state of the infosec union" address, talks about the future of security technically and politically, and provides advice for newcomers to be successful and productive members of the security community. The Powerpoint version of the slides contain extensive speaker notes.
At ARMs Length Yet So Far Away
This presentation, delivered at H2HC 2013, aims to give a more accessible introduction to the ARM work initially performed at the end of 2012 for inclusion in PaX. It covers the details of the kernel self-protection features developed and ends with a discussion of exploit weaponization against the Linux kernel. For more details on the ARM work, see the blog post.
The Case For Grsecurity
This presentation, delivered at H2HC 2012, provides some background on the history and motivations of the grsecurity project. It provides evidence for grsecurity's necessity in a secure Linux environment, summarizes our work during 2012, explains our strategy for responding to exploits, and points toward future improvements.
This presentation was delivered at Locaweb, a grsecurity sponsor, in October 2012. The purpose of the talk is to introduce users to RBAC as implemented in grsecurity. Freeing from the mind ancient "formal methods" with their associated outdated assumptions, I present the scope and goals of a modern access control system. The presentation also provides a real-life policy for CVS pserver, discussing some security attributes that emerge from the policy, particularly when used in combination with the other features of grsecurity.
Linux Security in 10 Years
In the presentation I touch on a number of topics ranging from exploitation to security model theorizing to prevention. I provide a brief discussion of lessons learned from last year's exploit releases, a discussion of the real-life implications of the kernel being in the TCB, a description of what grsecurity is doing right now in terms of kernel self-protection, and an outline of our ultimate goal for kernel self-protection. Current self-protection involves removing classes of bugs from the set of bugs exploitable for privilege escalation, removing information leaks from the kernel that are greatly useful to an attacker, 'constify'-ing function pointers and other targets of interest, removing arbitrary code execution, and hardening allocators and user<->kernel copying routines against integer overflows and heap overflows/infoleaks through efficient methods. Finally, I discuss the weaknesses that need to be overcome for concrete self-protection in the kernel against exploitation of memory corruption vulnerabilities.
Increasing Performance and Granularity in Role-Based Access Control Systems
This research paper describes some of the recent advances in grsecurity and discusses some possible future features.
PaX: The Guaranteed End of Arbitrary Code Execution
These slides were presented at G-Con 2 in Mexico City, Mexico in October 2003. They provide an overview of PaX and compare it technically and functionally to OpenBSD's W^X and Redhat's Exec-shield
Detection, Prevention, and Containment: A Study of grsecurity
These slides were presented at the Libres Software Meeting in Bordeaux, France in July 2002. The presentation gives an overview of grsecurity and PaX. Note that much of the information in the presentation is out of date, especially regarding the performance hit of PaX, which is now negligible. Nearly all of the future plans stated have already been completed. Please refer to the features page for newer information