grsecurity forums

[Tinnes]

You can find kernel packages on http://kernelsec.cr0.org/

Those packages are built with maximum compability in mind, not security.

This means that you should use them on machines where you would'nt otherwise use grsecurity, but it's still better to build your own, modules-less kernel.

It especially lacks privileged IO restrictions (so that it works with X), MPROTECT restrictions (to avoid PT_GNU_STACK nightmare and to work out of the box with virtualization and other on-the-fly code-generating softwares) and UDEREF (to be able to use this kernel virtualized).

[robert]

this package is very useful to , I need this with Ubuntu, hope it can work fine, thanks.