Grsecurity
grsecurity is a set of patches for the Linux kernel with an emphasis on enhancing security. It allows the system administrator to, among other things, define a least privilege policy for the system, in which every process and user have only the lowest privileges needed to function.
This book is intended as a comprehensive up-to-date user guide about setting up and administrating a grsecurity-enabled system.
Introduction
Installation
Administration
- The Administration Utility (gradm)
- Additional Utilities
- Runtime Configuration Through sysctl
- Troubleshooting
Policy Configuration
Application-specific Settings
- Show full list / Add Application
- ATI Catalyst (fglrx)
- cPanel jailshell
- Firefox/Iceweasel
- Google Chrome
- Grub
- GUFW/UFW firewalls or Update Manager
- IOQuake3
- ISC DHCP Server
- Java
- Nagios
- Node.js
- Openoffice.org
- PHP and other applications that set their own resource limits
- X.org
Reporting Bugs
Appendix
Lists
Tables
- Role Modes
- Role Attributes
- Subject Modes
- Subject Attributes
- Object Modes
- PaX Flags
- Capability Names and Descriptions
- System Resources
- Sysctl Options
Credits and Permissions
See Credits and Permissions for details about copyright and references of this document.