[grsec] Is CONFIG_SECURITY no longer required?
spender at grsecurity.net
Fri Oct 9 23:20:43 EDT 2009
On Sat, Oct 10, 2009 at 11:06:29AM +0800, Pavel Labushev wrote:
> In past Grsecurity patches CONFIG_GRKERNSEC required CONFIG_SECURITY,
> but not in the recent patch for 22.214.171.124. Is that correct, the basic LSM
> hooks are no longer needed at all?
Correct. Before, you had to have CONFIG_SECURITY enabled just to get
the same capability support that you had by default in 2.4. They've
since moved that out of the dependence on LSM and made it supported by
default, as it should have been from the beginning. mmap_min_addr also
required CONFIG_SECURITY until recently.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: Digital signature
Url : http://grsecurity.net/pipermail/grsecurity/attachments/20091009/2e82c48b/attachment.pgp
More information about the grsecurity