grsecurity forums

any comments about subject?

is it safe to enable it on production systems ?

TIA for any info.

i've used it on my servers for over a year now, and never saw any problem, but i guess it depends on the applications you run. You should just test it, you can always boot a kernel without these options of problems occur.

radek wrote:is it safe to enable it on production systems ?

i think randustack is safe to use except maybe for java which doesn't like randomization (i don't know if it's the stack or the other randomizations though, but since you have to disable all of PaX on it, it probably doesn't matter anyway). randkstack is a harder one, it depends on your kernel stack utilization (how close tasks get to a kernel stack overflow due to interrupts and whatnot). the default randomization of randkstack can result in an extra 128 bytes used on the kernel stack, whether that will trigger an overflow or not is hard to tell, you're best off by trying it out for some period of time. i'd also add that if these 128 bytes can cause a stack overflow then you're already extremely close to running into one anyway, considering that the usable kernel stack is some 7 kbytes on i386. also randkstack is probably meaningful mostly when you have untrusted local users, against remote attacks it matters little if anything.

what about randkstack while enabling usage of 4k kernel stack ? /from 2.6.6+/ ?

as so far (three production systems, quite heavy loaded), no bigger problems but i didnt check it thourougly. the hosts are configured heavily to auto "repair" all problems (restarts, reloads, retries, delegations in case of problems) so this can not be treaten as a 'everything works perfect' sign.