Megjöttek a várva várt GrSecurity patch-ek a 2.4.22-es kernelhez.
Letölthetőek innen:
grsecurity-1.9.12-2.4.22.patch
grsecurity-2.0-rc3-2.4.22.patch
És természetesen a hozzájuk való GrAdm csomagok:
gradm-1.9.12.tar.gz
gradm-2.0-rc3.tar.gzBrad levele:
From: spender@grsecurity.net
Reply-To: grsecurity@grsecurity.net
To: grsecurity@grsecurity.net
Subject: [grsec] grsecurity 1.9.12 and 2.0-rc3 released
grsecurity 1.9.12 has been released for the 2.4.22 kernel. Changes
in 1.9.12 are mainly PaX updates, which include additional heap
randomization.
grsecurity 2.0-rc3 has been released today for the 2.4.22 kernel.
Changes include logging the full path of offending processes and parent
processes, PaX updates, small performance enhancements, and a new option
for gradm to remove yourself from a special role without exiting your
shell. In case you're interested in what changes there will be between
rc3 and 2.0 final, here's a summary:
# per-subject caching to reduce the O(n) time complexity where n is the
directory depth on lookups
# revised subject inheritance, addition of role inheritance. You will be
able to inherit from any subject/role desired, and the inheritance will
be interpreted in the kernel, greatly reducing memory usage for
administrators needing to use tens of thousands of subjects. This allows
inheritance to be used as a templating system of sorts as well.
# Rewrite of userspace structures to an O(1) time complexity
# Domains - instead of groups being the only way to classify users,
domains will allow you to group any number of user roles into a single
applicable role.
Essentially, the changes left for 2.0 are to make it more suitable for
corporations or other large scale or large system deployments. Expected
final release date, due to the large modifications involved, is January
2004. Of course, much like the initial development release of 2.0, 2.0
final may be released much earlier than that.
I'd also like to thank everyone that has donated to the project (and
me). The response has been pleasantly overwhelming.
-Brad