Difference between revisions of "IDP/Grsecurity"

From ESS-WIKI
Jump to: navigation, search
(Created page with "=Overview= [https://grsecurity.net/ Grsecurity]® is an extensive security enhancement to the Linux kernel that defends against a wide range of security threats through intell...")
(No difference)

Revision as of 08:28, 17 February 2016

Overview

Grsecurity® is an extensive security enhancement to the Linux kernel that defends against a wide range of security threats through intelligent access control, memory corruption-based exploit prevention, and a host of other system hardening that generally require no configuration. It has been actively developed and maintained for the past 14 years. Commercial support for grsecurity is available through Open Source Security, Inc. Role-Based Access Control (RBAC)

Role-Based Access Control (RBAC)

grsecurity’s RBAC provides full learning mode for generating security policy rules. The default policy is located in the /etc/grsec/policy file.

grsecurity RBAC Command Reference

administration utility gradm manages the RBAC system. 

command                            Description
gradm -P [rolename]                Setup RBAC administration or special role password
gradm -E                           Enable the grsecurity RBAC system
gradm -D                           Disable the grsecurity RBAC system
gradm -C                           Check the RBAC policy for errors
gradm -S                           Check the RBAC system's status
gradm -F -L /tmp/full_learning.log Enable the grsecurity Full Learning mode
Retrieved from "https://ess-wiki.advantech.com.tw/wiki/index.php?title=IDP/Grsecurity&oldid=423"