[grsec] grsecurity 2.1.2 released for 2.4.29/2.6.11 *CRITICAL UPDATE* {Scanned}

General Stone generalstone at o2online.de
Sat Mar 5 07:03:02 EST 2005


On Fri, Mar 04, 2005 at 08:20:00PM -0500, Brad Spengler wrote:
> As an update to this, if you're using grsecurity in the LOW or MEDIUM 
> security settings, you are not vulnerable, since neither SEGMEXEC nor 
> RANDEXEC are enabled in those configurations.  To mitigate some of the 
> risk imposed by the vulnerability until you can patch your machines, 
> echo "0 0" > /proc/sys/vm/pagetable_cache
> 
> Details of the vulnerability will be released next week, to allow for 
> everyone to update first.
> 
> -Brad

I have disbled the RANDEXEC and SEGMEXEC options in the kernel-config,
is it all?
The sysctl option "/proc/sys/vm/pagetable_cache" don't exist on my
machine i586 (kernel-source-2.6.10 with as5).
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://grsecurity.net/pipermail/grsecurity/attachments/20050305/aacdbce1/attachment.pgp


More information about the grsecurity mailing list