Grsecurity
Jump to navigation
Jump to search
grsecurity is a set of patches for the Linux kernel with an emphasis on enhancing security. It allows the system administrator to, among other things, define a least privilege policy for the system, in which every process and user have only the lowest privileges needed to function.
This book is intended as a comprehensive up-to-date user guide about setting up and administrating a grsecurity-enabled system.
Table of Contents[edit | edit source]
Introduction[edit | edit source]
Installation[edit | edit source]
Administration[edit | edit source]
- The Administration Utility (gradm)
- Additional Utilities
- Runtime Configuration Through sysctl
- Troubleshooting
Policy Configuration[edit | edit source]
Application-specific Settings[edit | edit source]
- Show full list / Add Application
- ATI Catalyst (fglrx)
- cPanel jailshell
- Firefox/Iceweasel
- Google Chrome
- Grub
- GUFW/UFW firewalls or Update Manager
- IOQuake3
- ISC DHCP Server
- Java
- Nagios
- Node.js
- Openoffice.org
- PHP and other applications that set their own resource limits
- X.org
Reporting Bugs[edit | edit source]
Appendix[edit | edit source]
Lists[edit | edit source]
Tables[edit | edit source]
- Role Modes
- Role Attributes
- Subject Modes
- Subject Attributes
- Object Modes
- PaX Flags
- Capability Names and Descriptions
- System Resources
- Sysctl Options
Credits and Permissions[edit | edit source]
See Credits and Permissions for details about copyright and references of this document.