[grsec] grsecurity 2.1.2 released for 2.4.29/2.6.11 *CRITICAL UPDATE* {Scanned}

Brad Spengler spender at grsecurity.net
Sat Mar 5 09:07:34 EST 2005


> I have disbled the RANDEXEC and SEGMEXEC options in the kernel-config,
> is it all?
> The sysctl option "/proc/sys/vm/pagetable_cache" don't exist on my
> machine i586 (kernel-source-2.6.10 with as5).

Indeed, it doesn't look like that exists on 2.6 kernels, so the 
workaround is only possible on 2.4.  Disabling RANDEXEC and SEGMEXEC 
will fix the problem, but if you're going to install a new kernel, there 
haven't been many changes from 2.1.1 to 2.1.2 (unless it's the 
2.6.10->2.6.11 changes you're worried about).  I would still recommend 
updating so you can take advantage of PaX, or enable the PAGEEXEC method 
instead.

-Brad
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://grsecurity.net/pipermail/grsecurity/attachments/20050305/998a3f4b/attachment.pgp


More information about the grsecurity mailing list