[grsec] grsecurity 2.1.2 released for 2.4.29/2.6.11 *CRITICAL
UPDATE* {Scanned}
Brad Spengler
spender at grsecurity.net
Sat Mar 5 09:07:34 EST 2005
> I have disbled the RANDEXEC and SEGMEXEC options in the kernel-config,
> is it all?
> The sysctl option "/proc/sys/vm/pagetable_cache" don't exist on my
> machine i586 (kernel-source-2.6.10 with as5).
Indeed, it doesn't look like that exists on 2.6 kernels, so the
workaround is only possible on 2.4. Disabling RANDEXEC and SEGMEXEC
will fix the problem, but if you're going to install a new kernel, there
haven't been many changes from 2.1.1 to 2.1.2 (unless it's the
2.6.10->2.6.11 changes you're worried about). I would still recommend
updating so you can take advantage of PaX, or enable the PAGEEXEC method
instead.
-Brad
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://grsecurity.net/pipermail/grsecurity/attachments/20050305/998a3f4b/attachment.pgp
More information about the grsecurity
mailing list