Re: Grsecurity patches on Debian
Am Montag, 7. Februar 2005 14:10 schrieb Andras Got:
> You should start with grsec low and proc restricions set customly.
> Hardening your kernel is always a option. The grsec default high settings,
> and PaX break Jetty (java server container) in two, so it simply won't
> start, gradm won't help as I know. After the grsec default low settings you
> should read about the functions grsec has, and consider which one is good
> for you or worth using. I have grsec deafult high (+ the new extras set)
> kernels on gateways and one prod webserver. It works very well so far.
> Grsec+PaX itself won't break any program, that don't do anything wierd or
> unusual and suspicous. When you use chroot (postfix uses it by default),
> grsec can harden very vell your chroot systems.
Well, once I had some trouble using wine on an openwall patched terminal
I don't know, whetere these issue still apply.
Achtung: Die E-Mail-Adresse email@example.com wird in Kürze
deaktiviert werden. Bitte nutzen Sie die Adresse