Movatterモバイル変換

[0]ホーム
URL:

Jump to content
WikibooksThe Free Textbook Project
Search

Grsecurity

75% developed
From Wikibooks, open books for an open world

Wikipedia has related information atPaX

APDF version is available. (info)

Aprintable version of Grsecurity is available. (edit it)

grsecurity is a set ofpatches for theLinux kernel with an emphasis on enhancingsecurity. It allows the system administrator to, among other things, define a least privilege policy for the system, in which every process and user have only the lowest privileges needed to function.

This book is intended as a comprehensive up-to-date user guide about setting up and administrating a grsecurity-enabled system.

Table of Contents

[edit |edit source]

Introduction

[edit |edit source]
Overview100% developed  as of July 02, 2010
Terminology100% developed  as of July 28, 2013
How to Contribute100% developed  as of July 28, 2013

Installation

[edit |edit source]
Obtaining Required Components100% developed  as of Jul 24, 2009
Downloading grsecurity
Downloading gradm
Downloading the Linux Kernel
Verifying the Downloads
Configuring and Installing grsecurity100% developed  as of Jan 02, 2010
Patching Your Kernel with grsecurity
Configuring the Kernel
Compiling and Installing the Kernel

Administration

[edit |edit source]
The Administration Utility (gradm)75% developed  as of Jul 23, 2009
Installation
Usage
Learning Mode
Additional Utilities75% developed  as of Jul 23, 2009
Controlling PaX Flags (paxctl)
Displaying Program Capabilities (pspax)
Managing the Executable Stack of Binaries (execstack)
Runtime Configuration Through sysctl100% developed  as of Jul 23, 2009
Troubleshooting

Policy Configuration

[edit |edit source]
The RBAC System in grsecurity75% developed  as of Jan 02, 2010
What Is an RBAC System?
Limitations of any Access Control System25% developed  as of Sept 18, 2009
Policy Structure100% developed  as of Jan 02, 2010
Rules for Policies25% developed  as of Sept 18, 2009
Roles75% developed  as of Sept 14, 2009
Subjects50% developed  as of Nov 10, 2013
Domains100% developed  as of Jan 02, 2010
Capability Restrictions75% developed  as of Sept 13, 2009
Resource Restrictions75% developed  as of Jan 02, 2010
Socket Policies75% developed  as of Sept 13, 2009
PaX Flags100% developed  as of Sept 13, 2009
Flow of Matches75% developed  as of Sept 13, 2009
Policy Recommendations25% developed  as of Sept 13, 2009
Sample Policies50% developed  as of Sept 13, 2009

Application-specific Settings

[edit |edit source]
Show full list / Add Application
ATI Catalyst (fglrx)
cPanel jailshell
Firefox/Iceweasel
Google Chrome
Grub
GUFW/UFW firewalls or Update Manager
IOQuake3
ISC DHCP Server
Java
Nagios
Node.js
Openoffice.org
PHP and other applications that set their own resource limits
X.org

Reporting Bugs

[edit |edit source]
Reporting bugs75% developed  as of Sept 27, 2009
Contacts
Requirements

Appendix

[edit |edit source]

Lists

[edit |edit source]
Grsecurity and PaX Configuration Options100% developed  as of Jul 23, 2009

Tables

[edit |edit source]
Role Modes100% developed  as of Sept 11, 2009
Role Attributes100% developed  as of Sept 11, 2009
Subject Modes100% developed  as of Sept 12, 2009
Subject Attributes100% developed  as of Sept 12, 2009
Object Modes100% developed  as of Sept 13, 2009
PaX Flags100% developed  as of Jul 24, 2009
Capability Names and Descriptions100% developed  as of Jul 24, 2009
System Resources100% developed  as of Sept 11, 2009
Sysctl Options100% developed  as of Jul 28, 2013

Credits and Permissions

[edit |edit source]

SeeCredits and Permissions for details about copyright and references of this document.

External Links

[edit |edit source]
Retrieved from "https://en.wikibooks.org/w/index.php?title=Grsecurity&oldid=3991161"
Categories:
Hidden categories:
[8]ページ先頭
©2009-2025 Movatter.jp