Suggestions for linux security patches

Jason Czerak (Jason-Czerak@Jasnik.net)
19 Dec 2001 15:48:46 -0500


I'm running linux 2.4.16, and I"m looking to the best possibly kernel
patch to harden things up a bit. Primarly I wish to have what is in
openwall's and grsecurity's patches is the buffer oveflow protection,
but I'm unable to use the openwall patch because it only support 2.2.X
kernels ATM. I applied the grsecurity patch but for some reason when
running mozilla as non-root, the GUI for mozilla is all messed up (and I
enabled sysctl support so nothing was enabled by default except stuff
that isn't able to use sysctl).

So to advoid applying 20 or so differnet patches, and evaluate each of
them (taking up what little time I have in a day...), I wish to get the
lists opinions on the matter.

Local security/control isn't much of an issue and most likly won't be
for a while. Remote security and protection from server deamons that
have buffer problems are high priority to get the best protection for.

--
Jason Czerak

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/