]> git.pld-linux.org Git - packages/kernel.git/blob - kernel-grsec.config
projects / packages / kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
- updated to grsecurity 1.9-2.4.16.
[packages/kernel.git] / kernel-grsec.config
1 #
2 # Grsecurity
3 #
4 CONFIG_GRKERNSEC=y
5
6 #
7 # Buffer Overflow Protection
8 #
9 CONFIG_GRKERNSEC_STACK=y
10 CONFIG_GRKERNSEC_STACK_GCC=y
11 # CONFIG_GRKERNSEC_PAX_RANDMMAP is not set
12
13 #
14 # Access Control Lists
15 #
16 # CONFIG_OBV_PROC is not set
17
18 #
19 # Filesystem Protections
20 #
21 CONFIG_GRKERNSEC_PROC=y
22 # CONFIG_GRKERNSEC_PROC_USER is not set
23 CONFIG_GRKERNSEC_PROC_USERGROUP=y
24 CONFIG_GRKERNSEC_PROC_GID=17
25 CONFIG_GRKERNSEC_LINK=y
26 CONFIG_GRKERNSEC_FIFO=y
27 CONFIG_GRKERNSEC_FD=y
28 CONFIG_GRKERNSEC_CHROOT=y
29 CONFIG_GRKERNSEC_CHROOT_EXECLOG=y
30 CONFIG_GRKERNSEC_CHROOT_CAPS=y
31 CONFIG_GRKERNSEC_KBMAP=y
32
33 #
34 # Security Logging
35 #
36 CONFIG_GRKERNSEC_EXECLOG=y
37 CONFIG_GRKERNSEC_SUID=y
38 CONFIG_GRKERNSEC_SIGNAL=y
39 CONFIG_GRKERNSEC_FORKFAIL=y
40 CONFIG_GRKERNSEC_TIME=y
41
42 #
43 # Executable Protections
44 #
45 CONFIG_GRKERNSEC_EXECVE=y
46 CONFIG_GRKERNSEC_RANDPID=y
47 CONFIG_GRKERNSEC_FORKBOMB=y
48 CONFIG_GRKERNSEC_FORKBOMB_GID=65504
49 CONFIG_GRKERNSEC_FORKBOMB_SEC=40
50 CONFIG_GRKERNSEC_FORKBOMB_MAX=20
51 CONFIG_GRKERNSEC_TPE=y
52 CONFIG_GRKERNSEC_TPE_GLIBC=y
53 CONFIG_GRKERNSEC_TPE_ALL=y
54 CONFIG_GRKERNSEC_TPE_GID=65500
55
56 #
57 # Network Protections
58 #
59 CONFIG_GRKERNSEC_RANDID=y
60 CONFIG_GRKERNSEC_RANDSRC=y
61 CONFIG_GRKERNSEC_RANDPING=y
62 CONFIG_GRKERNSEC_RANDTTL=y
63 CONFIG_GRKERNSEC_RANDTTL_THRESH=64
64 CONFIG_GRKERNSEC_RANDNET=y
65 CONFIG_GRKERNSEC_SOCKET=y
66 CONFIG_GRKERNSEC_SOCKET_ALL=y
67 CONFIG_GRKERNSEC_SOCKET_ALL_GID=1004
68 CONFIG_GRKERNSEC_ALL_GID=65501
69 CONFIG_GRKERNSEC_SOCKET_CLIENT=y
70 CONFIG_GRKERNSEC_SOCKET_CLIENT_GID=1003
71 CONFIG_GRKERNSEC_CLIENT_GID=65502
72 CONFIG_GRKERNSEC_SOCKET_SERVER=y
73 CONFIG_GRKERNSEC_SOCKET_SERVER_GID=1002
74 CONFIG_GRKERNSEC_SERVER_GID=65503
75 CONFIG_GRKERNSEC_PTRACE=y
76 CONFIG_GRKERNSEC_PTRACE_GROUP=y
77 CONFIG_GRKERNSEC_PTRACE_GID=1008
78 CONFIG_GRKERNSEC_STEALTH=y
79 CONFIG_GRKERNSEC_STEALTH_RST=y
80 CONFIG_GRKERNSEC_STEALTH_UDP=y
81 CONFIG_GRKERNSEC_STEALTH_ICMP=y
82 CONFIG_GRKERNSEC_STEALTH_IGMP=y
83 CONFIG_GRKERNSEC_STEALTH_FLAGS=y
84
85 #
86 # Network Logging
87 #
88 CONFIG_GRKERNSEC_STEALTH_ICMP_LOG=y
89 CONFIG_GRKERNSEC_STEALTH_RST_LOG=y
90 CONFIG_GRKERNSEC_STEALTH_UDP_LOG=y
91 CONFIG_GRKERNSEC_STEALTH_FLAGS_LOG=y
92
93 #
94 # Sysctl support
95 #
96 CONFIG_GRKERNSEC_SYSCTL=y
97
98 #
99 # Miscellaneous Enhancements
100 #
101 CONFIG_GRKERNSEC_COREDUMP=y
The Linux kernel (the core of the Linux operating system)
This page took 0.048606 seconds and 4 git commands to generate.