Re: Suggestions for linux security patches

From: Kevin (kevin@pheared.net)
Date: Thu Dec 20 2001 - 00:19:41 EST


On 19 Dec 2001, Jason Czerak grunted something like:

[Jason-] I'm running linux 2.4.16, and I"m looking to the best possibly kernel
[Jason-] patch to harden things up a bit. Primarly I wish to have what is in
[Jason-] openwall's and grsecurity's patches is the buffer oveflow protection,
[Jason-] but I'm unable to use the openwall patch because it only support 2.2.X
[Jason-] kernels ATM. I applied the grsecurity patch but for some reason when
[Jason-] running mozilla as non-root, the GUI for mozilla is all messed up (and I
[Jason-] enabled sysctl support so nothing was enabled by default except stuff
[Jason-] that isn't able to use sysctl).

Has anyone tried the NSA linux security setup? I've looked it over but
haven't gone so far as to actually run it.

BTW, mozilla gets F-ed up for me sometimes when I foolishly run Netscape 6
and NS6 rewrites several of the config files. Usually rm'ing ~/.mozilla
does it. Could be very unrelated though.

-[ kevin@pheared.net devel.pheared.net ]-
-[ Rather be forgotten, than remembered for giving in. ]-
-[ ZZ = g ^ (xb * xa) mod p g = h^{(p-1)/q} mod p ]-

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Sun Dec 23 2001 - 21:00:20 EST