grsecurity is a project for Linux which institutes several security enhancements, including mandatory access control, randomization of key local and network informational data, /proc and chroot() jail restrictions, network socket control, capabilities control, and extra auditing functions. The grsecurity patch is based on a vanilla kernel and includes the PaX patch set. Creator and lead developer of grsecurity is Brad Spengler aka. Spender. Software development is the translation of a user need or marketing goal into a software product. ... An operating system (OS) is a computer program that manages the hardware and software resources of a computer. ... Linux (also known as GNU/Linux) is a Unix-like computer operating system. ... A software license is a legal agreement which may take the form of a proprietary or gratuitous license as well as a memorandum of contract between a producer and a user of computer software. ... The GNU logo The GNU General Public License (GNU GPL or simply GPL) is a widely used free software license, originally written by Richard Stallman for the GNU project. ... This page as shown in the AOL 9. ... Linux (also known as GNU/Linux) is a Unix-like computer operating system. ... Computer security is the current computer science collaboration of the week! Please help improve it to featured article standard. ... In computing, a mandatory access control (MAC) technique protects and contains computer processes, data, and system devices from misuse. ... A chroot on Unix operating systems is an operation which changes the root directory. ... The Linux kernel is a Unix-like operating system kernel that was begun by Linus Torvalds in 1991 and subsequently developed with the assistance of developers worldwide. ... In computer security, PaX is a patch for the Linux kernel that implements least privilege protections for memory pages. ...
It has Role-Based Access Control (RBAC). In computer systems security Role-Based Access Control (RBAC) is an approach to restricting system access to authorized users. ...
Image File history File links Portal. ... Security-Enhanced Linux (SELinux) is an implementation of mandatory access control using Linux Security Modules (LSM) in the Linux kernel, based on the principle of least privilege. ...
Grsecurity is a suite of patches (distributed as a single patch file) for the Linuxkernel that are an attempt to improve the security of a Linux system.
Grsecurity is based on a port of some previous patches for the Linux 2.2 kernel, including Openwall and PaX, which have never been ported to the 2.4 kernel.
Grsecurity is not an additional security service that might be run periodically (such as Tripwire, AIDE or Logwatch), nor is it supplied as a loadable kernel module like the ipchains or iptables firewalling software.
The Linux VServer Project in combination with the grsecurityLinuxkernel hardening together provide a good solution for those cases, where you need to separate a number of customers that should have shell access from one another.
GRsecurity provides a sophisticated ACL service, in case you need top-notch security, but even the without detailed ACL setup you will get a good improvement.
GRSecurity, while running, prevents some system operations like a mount within a chroot which are needed at least by the Debian dbootstrap.
Feeds |
Contact