oss-sec mailing list archives
Re: Linux kernel proactive security hardening
From: Dan Rosenberg <dan.j.rosenberg () gmail com>
Date: Sun, 7 Nov 2010 20:29:07 -0500
Thanks for your input. I've just posted an RFC for the equivalent of grsecurity's MODHARDEN, which places restrictions on the automatic loading of modules by unprivileged users: http://lkml.org/lkml/2010/11/7/212 -Dan On Sun, Nov 7, 2010 at 8:16 PM, Solar Designer <solar () openwall com> wrote:
Kees, Dan - Thank you for working on this! On Sun, Nov 07, 2010 at 02:16:32PM -0800, Kees Cook wrote:And there's a sign-up list here, for people interested in helping out: https://wiki.ubuntu.com/SecurityTeam/Roadmap/KernelHardening#Upstream%20HardeningI've just added a few hardening changes to consider (and edited/moved a few others): https://wiki.ubuntu.com/SecurityTeam/Roadmap/KernelHardening?action=diff&rev2=41&rev1=37 Sorry I did not sign up for any yet, although if I happen to work on any I'll let you know. I'd appreciate it if you keep the page updated with current status on and links to work-in-progress and proposed patches. Thanks again, Alexander
Current thread:
- Linux kernel proactive security hardening Kees Cook (Nov 07)
- Re: Linux kernel proactive security hardening Solar Designer (Nov 07)
- Re: Linux kernel proactive security hardening Dan Rosenberg (Nov 07)
- Re: Linux kernel proactive security hardening Solar Designer (Nov 07)
- Re: Linux kernel proactive security hardening Solar Designer (Nov 07)
- Re: Linux kernel proactive security hardening Vasiliy Kulikov (Nov 08)
- Re: Linux kernel proactive security hardening Kees Cook (Nov 10)
- Re: Linux kernel proactive security hardening Dan Rosenberg (Nov 07)
- Re: Linux kernel proactive security hardening Vasiliy Kulikov (Nov 08)
- Re: Linux kernel proactive security hardening Kees Cook (Nov 10)
- Re: Linux kernel proactive security hardening Vasiliy Kulikov (Nov 10)
- Re: Linux kernel proactive security hardening Solar Designer (Nov 07)