grsecurity is a set of patches for the Linux kernel with an emphasis on enhancing security. It allows the system administrator to, among other things, define a least privilege policy for the system, in which every process and user have only the lowest privileges needed to function.
This book is intended as a comprehensive up-to-date user guide about setting up and administrating a grsecurity-enabled system.
Table of Contents edit
- Obtaining Required Components
- Configuring and Installing grsecurity
- The Administration Utility (gradm)
- Additional Utilities
- Runtime Configuration Through sysctl
Policy Configuration edit
- The RBAC System in grsecurity
Application-specific Settings edit
- Show full list / Add Application
- ATI Catalyst (fglrx)
- cPanel jailshell
- Google Chrome
- GUFW/UFW firewalls or Update Manager
- ISC DHCP Server
- PHP and other applications that set their own resource limits
Reporting Bugs edit
Credits and Permissions edit
See Credits and Permissions for details about copyright and references of this document.