[grsec] grsecurity 2.0.2 for 2.4.28-rc3 test release
spender at grsecurity.net
spender at grsecurity.net
Sun Nov 14 16:24:28 EST 2004
I've made a test release of grsecurity 2.0.2 for 2.4.28-rc3 available
at:
http://grsecurity.net/~spender/grsecurity-2.0.2-2.4.28-rc3.patch
gradm 2.0.2 is at:
http://grsecurity.net/~spender/gradm-2.0.2.tar.gz
Among the changes include:
pax updates and addition of pax code for mips, mips64, ia64, and amd64
change to chroot restrictions so zombie tasks aren't shown in a chroot
process listing
randomized pids optimization
randkstack disabled in high security setting if not supported by cpu
completely rewritten logging system, which significantly reduces the
.text size of the kernel with grsec
CAP_FOWNER was removed from the set of capabilities disallowed in a
chroot
ip tagging table placed into the bss, fixes a sparc32 booting problem
pax acl hook support added (set to direct in config)
fixed sysctl compile error when grsec is disabled
fixed RBAC bug with signal protect flag
fixed any future problems with kernel role in gradm
-Brad
More information about the grsecurity
mailing list