grsecurity forums

Skip to content

grsecurity in Mandrake 9.0 questions

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.
Topic locked

grsecurity in Mandrake 9.0 questions

Postby payn » Fri Nov 22, 2002 4:22 am

Which version of grsecurity is included with Mandrake 9.0 (in the pre-installed kernel, and in the /usr/src/linux-2.4.19-16mdk source)? And did they make any changes of their own? And what options, if any, are turned on in the pre-installed kernel?

If there's somewhere I can find this info on Mandrake's site, that would be nice to know (I've tried looking through the appropriate security-hype docs, searching Mandrake's site for "grsecurity" and "grsec" and "gracl," etc.). (This is my first time using one of their distros, by the way.)

Is there any way to tell, by looking in the patched kernel source directory, which version of grsec is included (so, if I install a different Mandrake version in the future, or use an updated kernel-source RPM, or whatever, I won't have to come back here and ask the same question again...).

If the patch they used isn't the latest, is there any easy way to get an old patch off your site (so I can diff the patches and upgrade)?

Does Mandrake include gracl? I can't find it anywhere on the system, or the install CDs, or their website, and I can't find an RPM for it on rpmfind or elsewhere. I can just grab the tar off your site and build it myself, of course, but it seems a bit odd that they'd include your patches in the kernel, but not include the gracl program....

I noticed somewhere on this site that one of the developers mentioned being a Mandrake user, so I thought you'd be more likely to be able to answer these questions than usual (in general, I wouldn't expect a developer to know "what does this distro do with your code?" questions).

Thanks.
payn
 
Posts: 1
Joined: Fri Nov 22, 2002 4:09 am
Top

Postby spender » Sat Nov 23, 2002 4:16 pm

mandrake chose to continue to use 1.9.5, despite my repeated requests to update their version. They also haven't fixed the problem that I reported to them several times, that since they enabled the sysctl feature, none of the features are enabled at startup. They don't tell their users this, and therefore people assume that it's making their system secure, when it's really not. They also do not use the ACL system. If I were you, I would not use mandrake kernel.

-Brad
spender
 
Posts: 2185
Joined: Wed Feb 20, 2002 8:00 pm
Top
Topic locked

Return to grsecurity support

Powered by phpBB® Forum Software © phpBB Group
cron