grsecurity
grsecurity is an innovative approach to security utilizing a multi-layered detection, prevention, and containment model. It is licensed under the GPL.
It offers among many other features:
- An intelligent and robust Role-Based Access Control (RBAC) system that can generate least privilege policies for your entire system with no configuration
- Change root (chroot) hardening
- /tmp race prevention
- Extensive auditing
- Prevention of entire classes of exploits related to address space bugs (from the PaX project)
- Additional randomness in the TCP/IP stack
- A restriction that allows a user to only view his/her processes
- Every security alert or audit contains the IP address of the person that caused the event
|
|
Home
