grsecurity in kernel?

Glenn at
Wed Dec 29 23:28:15 CET 2010

At 0:06 +0200 30/12/10, Timo Juhani Lindfors wrote:
>Glenn < at> writes:
>>  Maybe it might be a good idea to embed grsecurity in the kernel - for
>>  two reasons:
>I think the main goal should be to upstream our changes, not add new
>changes that are not upstream.
>>  * Debug programs and drivers (faster debugging?)
>What has grsecurity to do with debugging?

On there home page they write:

# Prevention of arbitrary code execution, regardless of the technique 
used (stack smashing, heap corruption, etc)
# Prevention of arbitrary code execution in the kernel
# Randomization of the stack, library, and heap bases
# Kernel stack base randomization
# Protection against exploitable null-pointer dereference bugs in the kernel

E.g. Some buffer overflows will be stopped.

More information about the community mailing list