Grsecurity
Appearance
grsecurity is a set of patches for the Linux kernel with an emphasis on enhancing security. It allows the system administrator to, among other things, define a least privilege policy for the system, in which every process and user have only the lowest privileges needed to function.
This book is intended as a comprehensive up-to-date user guide about setting up and administrating a grsecurity-enabled system.
Table of Contents
[edit | edit source]Introduction
[edit | edit source]Installation
[edit | edit source]Administration
[edit | edit source]- The Administration Utility (gradm)
- Additional Utilities
- Runtime Configuration Through sysctl
- Troubleshooting
Policy Configuration
[edit | edit source]Application-specific Settings
[edit | edit source]- Show full list / Add Application
- ATI Catalyst (fglrx)
- cPanel jailshell
- Firefox/Iceweasel
- Google Chrome
- Grub
- GUFW/UFW firewalls or Update Manager
- IOQuake3
- ISC DHCP Server
- Java
- Nagios
- Node.js
- Openoffice.org
- PHP and other applications that set their own resource limits
- X.org
Reporting Bugs
[edit | edit source]Appendix
[edit | edit source]Lists
[edit | edit source]Tables
[edit | edit source]- Role Modes
- Role Attributes
- Subject Modes
- Subject Attributes
- Object Modes
- PaX Flags
- Capability Names and Descriptions
- System Resources
- Sysctl Options
Credits and Permissions
[edit | edit source]See Credits and Permissions for details about copyright and references of this document.