[KLUG Members] SELinux anyone?

Adam Tauno Williams members@kalamazoolinux.org
Mon, 28 Jul 2003 13:09:47 -0400

Previous message: [KLUG Members] SELinux anyone?
Next message: [KLUG Members] SELinux anyone?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>>http://www.grsecurity.net/
>SELinux had more work on Mandatory Access Control, IIRC, which limits
>file/memory sharing between apps and users. grsecurity features
>hack-proofing such as non-executable stacks and pages.

Non-executabke stack / data-pages seems like a no-brainer hacker proofin thing. 
Is there an argument for why such a thing isn't a standard feature in every OS?

>I don't know much about these projects firsthand, but you can find more
>info at:
>http://pageexec.virtualave.net/
>home of PaX for Linux. As PaX is a part of grsecurity, so is PaX made of
>several patches. PaX is also in OpenBSD as a now-standard part of the
>new dist--uh, tree? release? 

Even if one isn't interesting in actually patching the kernel (I avoid it at 
almost all costs) the intro doc is very informative reading.

Previous message: [KLUG Members] SELinux anyone?
Next message: [KLUG Members] SELinux anyone?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]