Slashdot Mirror

← Back to Domains

Domain: grsecurity.net

Stories and comments across the archive that link to grsecurity.net.

Stories · 5

  1. Security Holes Draw Linux Developers' Ire

    It · Security · · posted by timothy · from the quick-draw-me-an-ire dept. · 477 comments
    jd writes "In what looks to be a split that could potentially undermine efforts to assure people that Linux is secure and stable, the developers of the GRSecurity kit and RSBAC are getting increasingly angry over security holes in Linux and the design of the Linux Security Modules. LWN has published a short article by Brad Spengler, the guy behind GRSecurity and it has stoked up a fierce storm, with claims of critical patches being ignored, good security practices being ignored for political reasons, etc. Regardless of the merits of the case by either side, this needs to be aired and examined before it becomes more of a problem. Especially in light of the recent kernel vulnerability debated on Slashdot."

  2. Security Holes Draw Linux Developers' Ire

    It · Security · · posted by timothy · from the quick-draw-me-an-ire dept. · 477 comments
    jd writes "In what looks to be a split that could potentially undermine efforts to assure people that Linux is secure and stable, the developers of the GRSecurity kit and RSBAC are getting increasingly angry over security holes in Linux and the design of the Linux Security Modules. LWN has published a short article by Brad Spengler, the guy behind GRSecurity and it has stoked up a fierce storm, with claims of critical patches being ignored, good security practices being ignored for political reasons, etc. Regardless of the merits of the case by either side, this needs to be aired and examined before it becomes more of a problem. Especially in light of the recent kernel vulnerability debated on Slashdot."

  3. End Of Development For Grsecurity Announced?

    Developers · Security · · posted by simoniker · from the future-not-so-secure dept. · 306 comments
    vrtk writes "I received this minutes ago, from the grsecurity mailing list, also displayed on the official site for the open-source security project: 'Beginning today, May 31, 2004, development of grsecurity will cease. On June 7, the website, forums, mailing list, and CVS will be shut down. Due to a sponsor unexpectedly dropping sponsorship of grsecurity while continually promising payment, I began the summer in debt and had to borrow money from family to pay for food. If none of the companies that depend on grsecurity, some of them being very large, are able to sponsor the project, grsecurity will cease to exist. I am not looking for paypal donations at this point, unless those that donate do so with the recognition that despite their donation, grsecurity may still never be returning.'"

  4. Additional Security in the Linux Kernel?

    Ask · Security · · posted by Cliff · from the going-beyond-ugo dept. · 300 comments
    nyx asks: "Recently, I was looking for some way to improve security on my linux boxes. I found few linux patches like grsecurity, LIDS (now also as Linux Security Module), Medusa DS9. I'm testing grsecurity (and it's ACLs) now and I'm quite satisfied with it, but I wonder, what are pros and cons of other solutions. Anybody tried them and can share his experience with us?"

  5. Linux Kernel Exploit Affects Red Hat 5

    Linux · Redhat · · posted by CmdrTaco · from the get-yer-patch-on dept. · 1 comment
    B1oodAnge1 writes "Proof of concept code was released last week that exploits a vulnerability in both the 64 and 32 bit versions of the 2.6.30 and 2.6.18 Linux kernel to gain root access. Apparently this affects Red Hat Enterprise Edition 5, which uses the 2.6.18 kernel. From the source code: A vulnerability which, when viewed at the source level, is unexploitable! But which, thanks to gcc optimizations, becomes exploitable :) Also, bypass of mmap_min_addr via SELinux vulnerability! (where having SELinux enabled actually increases your risk against a large class of kernel vulnerabilities)'"