Grsecurity is a patch of safety for Linux, whose function is to offer an additional control of access to the resources. It is about a system ACL (of English, Access Control List ). It is used for example if it is useful to restrict the access to certain resources for the only user root (who normally has access to all the resources).
The policy of security of the patch GRsecurity dissociates other models of safety in that which she does not claim to find and withdraw the existing faults, but to make them useless. Thus, each process of a system can be limited to be able to carry out only the tasks for which the administrator authorizes there, thus hoping to prevent that an attacker can compromise the entire system. This patch of safety thus assumes that the Linux core is free from bug exploitable.
Moreover, GRsecurity includes PaX, a patch making it possible to reinforce the safety of the system by activating the nonachievable pages and while returning the space of random addressing report.
- Going beyond of plug (Buffer_overflow)
|Random links:||The Coffee machine | Stenopelix | Natalie Gregory | Bomal (Ramillies) | Henri Congnet | William_Shakespeare|