grsecurity forums


https://forums.grsecurity.net./

Is the GRsecurity patch enough?

https://forums.grsecurity.net./viewtopic.php?f=3&t=2978

Page 1 of 1

Is the GRsecurity patch enough?

PostPosted: Tue Jun 05, 2012 8:46 pm
by GBit
When I patch the kernel with the grsecurity patch (grsecurity-2.9-3.3.8-201206042136.patch) the PAX features seem to open up. But I also see a pax patch (pax-linux-3.3.7-test18.patch) - would I need both of these for the full features?

Re: Is the GRsecurity patch enough?

PostPosted: Fri Jun 08, 2012 3:29 pm
by spender
No, the grsecurity patch includes PaX. Using grsecurity is actually necessary to implement some of the things described in the PaX documentation (bruteforce prevention, defense against infoleaks by a local attacker, removal of arbitrary code execution at the filesystem level), which are outside of the scope of the PaX patch itself.

-Brad

Re: Is the GRsecurity patch enough?

PostPosted: Wed Jun 13, 2012 1:27 pm
by GBit
Great, thanks so much.
All times are UTC - 5 hours [ DST ]
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/