API tools faq
paste
Advertisement
Guest User

x86_64-grsec-ARCH.diff

a guest
Dec 18th, 2012
66
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Diff 4.20 KB | None | 0 0
raw download clone embed print report
  1. 55c55
  2. < CONFIG_LOCALVERSION="-grsec"
  3. ---
  4. > CONFIG_LOCALVERSION="-ARCH"
  5. 867d866
  6. < CONFIG_NETFILTER_XT_MATCH_GRADM=m
  7. 5236,5238c5235
  8. < CONFIG_JFFS2_FS_XATTR=y
  9. < CONFIG_JFFS2_FS_POSIX_ACL=y
  10. < CONFIG_JFFS2_FS_SECURITY=y
  11. ---
  12. > # CONFIG_JFFS2_FS_XATTR is not set
  13. 5560,5713d5556
  14. <
  15. < #
  16. < # Grsecurity
  17. < #
  18. < CONFIG_TASK_SIZE_MAX_SHIFT=47
  19. < CONFIG_PAX_USERCOPY_SLABS=y
  20. < CONFIG_GRKERNSEC=y
  21. < # CONFIG_GRKERNSEC_CONFIG_AUTO is not set
  22. < CONFIG_GRKERNSEC_CONFIG_CUSTOM=y
  23. < CONFIG_GRKERNSEC_PROC_GID=9998
  24. < CONFIG_GRKERNSEC_TPE_TRUSTED_GID=9999
  25. < CONFIG_GRKERNSEC_SYMLINKOWN_GID=33
  26. <
  27. < #
  28. < # Customize Configuration
  29. < #
  30. <
  31. < #
  32. < # PaX
  33. < #
  34. < CONFIG_PAX=y
  35. <
  36. < #
  37. < # PaX Control
  38. < #
  39. < # CONFIG_PAX_SOFTMODE is not set
  40. < # CONFIG_PAX_EI_PAX is not set
  41. < CONFIG_PAX_PT_PAX_FLAGS=y
  42. < CONFIG_PAX_XATTR_PAX_FLAGS=y
  43. < # CONFIG_PAX_NO_ACL_FLAGS is not set
  44. < CONFIG_PAX_HAVE_ACL_FLAGS=y
  45. < # CONFIG_PAX_HOOK_ACL_FLAGS is not set
  46. <
  47. < #
  48. < # Non-executable pages
  49. < #
  50. < CONFIG_PAX_NOEXEC=y
  51. < CONFIG_PAX_PAGEEXEC=y
  52. < CONFIG_PAX_EMUTRAMP=y
  53. < CONFIG_PAX_MPROTECT=y
  54. < # CONFIG_PAX_MPROTECT_COMPAT is not set
  55. < # CONFIG_PAX_ELFRELOCS is not set
  56. < CONFIG_PAX_KERNEXEC_PLUGIN_METHOD=""
  57. <
  58. < #
  59. < # Address Space Layout Randomization
  60. < #
  61. < CONFIG_PAX_ASLR=y
  62. < CONFIG_PAX_RANDKSTACK=y
  63. < CONFIG_PAX_RANDUSTACK=y
  64. < CONFIG_PAX_RANDMMAP=y
  65. <
  66. < #
  67. < # Miscellaneous hardening features
  68. < #
  69. < CONFIG_PAX_MEMORY_STACKLEAK=y
  70. < CONFIG_PAX_REFCOUNT=y
  71. < CONFIG_PAX_USERCOPY=y
  72. < # CONFIG_PAX_SIZE_OVERFLOW is not set
  73. < # CONFIG_PAX_LATENT_ENTROPY is not set
  74. <
  75. < #
  76. < # Memory Protections
  77. < #
  78. < CONFIG_GRKERNSEC_KMEM=y
  79. < # CONFIG_GRKERNSEC_IO is not set
  80. < CONFIG_GRKERNSEC_JIT_HARDEN=y
  81. < CONFIG_GRKERNSEC_PROC_MEMMAP=y
  82. < CONFIG_GRKERNSEC_BRUTE=y
  83. < CONFIG_GRKERNSEC_MODHARDEN=y
  84. < CONFIG_GRKERNSEC_HIDESYM=y
  85. < CONFIG_GRKERNSEC_KERN_LOCKOUT=y
  86. <
  87. < #
  88. < # Role Based Access Control Options
  89. < #
  90. < # CONFIG_GRKERNSEC_NO_RBAC is not set
  91. < CONFIG_GRKERNSEC_ACL_HIDEKERN=y
  92. < CONFIG_GRKERNSEC_ACL_MAXTRIES=3
  93. < CONFIG_GRKERNSEC_ACL_TIMEOUT=30
  94. <
  95. < #
  96. < # Filesystem Protections
  97. < #
  98. < CONFIG_GRKERNSEC_PROC=y
  99. < # CONFIG_GRKERNSEC_PROC_USER is not set
  100. < CONFIG_GRKERNSEC_PROC_USERGROUP=y
  101. < CONFIG_GRKERNSEC_PROC_ADD=y
  102. < CONFIG_GRKERNSEC_LINK=y
  103. < CONFIG_GRKERNSEC_SYMLINKOWN=y
  104. < CONFIG_GRKERNSEC_FIFO=y
  105. < CONFIG_GRKERNSEC_SYSFS_RESTRICT=y
  106. < CONFIG_GRKERNSEC_ROFS=y
  107. < CONFIG_GRKERNSEC_CHROOT=y
  108. < CONFIG_GRKERNSEC_CHROOT_MOUNT=y
  109. < CONFIG_GRKERNSEC_CHROOT_DOUBLE=y
  110. < CONFIG_GRKERNSEC_CHROOT_PIVOT=y
  111. < CONFIG_GRKERNSEC_CHROOT_CHDIR=y
  112. < CONFIG_GRKERNSEC_CHROOT_CHMOD=y
  113. < CONFIG_GRKERNSEC_CHROOT_FCHDIR=y
  114. < CONFIG_GRKERNSEC_CHROOT_MKNOD=y
  115. < CONFIG_GRKERNSEC_CHROOT_SHMAT=y
  116. < CONFIG_GRKERNSEC_CHROOT_UNIX=y
  117. < CONFIG_GRKERNSEC_CHROOT_FINDTASK=y
  118. < CONFIG_GRKERNSEC_CHROOT_NICE=y
  119. < CONFIG_GRKERNSEC_CHROOT_SYSCTL=y
  120. < CONFIG_GRKERNSEC_CHROOT_CAPS=y
  121. <
  122. < #
  123. < # Kernel Auditing
  124. < #
  125. < # CONFIG_GRKERNSEC_AUDIT_GROUP is not set
  126. < # CONFIG_GRKERNSEC_EXECLOG is not set
  127. < CONFIG_GRKERNSEC_RESLOG=y
  128. < # CONFIG_GRKERNSEC_CHROOT_EXECLOG is not set
  129. < CONFIG_GRKERNSEC_AUDIT_PTRACE=y
  130. < # CONFIG_GRKERNSEC_AUDIT_CHDIR is not set
  131. < CONFIG_GRKERNSEC_AUDIT_MOUNT=y
  132. < CONFIG_GRKERNSEC_SIGNAL=y
  133. < CONFIG_GRKERNSEC_FORKFAIL=y
  134. < CONFIG_GRKERNSEC_TIME=y
  135. < CONFIG_GRKERNSEC_PROC_IPADDR=y
  136. < CONFIG_GRKERNSEC_RWXMAP_LOG=y
  137. < # CONFIG_GRKERNSEC_AUDIT_TEXTREL is not set
  138. <
  139. < #
  140. < # Executable Protections
  141. < #
  142. < CONFIG_GRKERNSEC_DMESG=y
  143. < CONFIG_GRKERNSEC_HARDEN_PTRACE=y
  144. < CONFIG_GRKERNSEC_PTRACE_READEXEC=y
  145. < CONFIG_GRKERNSEC_SETXID=y
  146. < CONFIG_GRKERNSEC_TPE=y
  147. < CONFIG_GRKERNSEC_TPE_ALL=y
  148. < CONFIG_GRKERNSEC_TPE_INVERT=y
  149. < CONFIG_GRKERNSEC_TPE_GID=9999
  150. <
  151. < #
  152. < # Network Protections
  153. < #
  154. < CONFIG_GRKERNSEC_RANDNET=y
  155. < CONFIG_GRKERNSEC_BLACKHOLE=y
  156. < # CONFIG_GRKERNSEC_SOCKET is not set
  157. <
  158. < #
  159. < # Sysctl Support
  160. < #
  161. < CONFIG_GRKERNSEC_SYSCTL=y
  162. < CONFIG_GRKERNSEC_SYSCTL_ON=y
  163. <
  164. < #
  165. < # Logging Options
  166. < #
  167. < CONFIG_GRKERNSEC_FLOODTIME=10
  168. < CONFIG_GRKERNSEC_FLOODBURST=6
  169. 5734a5578
  170. > # CONFIG_SECURITY_YAMA is not set
  171. 5759c5603
  172. < CONFIG_CRYPTO_HASH=y
  173. ---
  174. > CONFIG_CRYPTO_HASH=m
  175. 5819c5663
  176. < CONFIG_CRYPTO_SHA256=y
  177. ---
  178. > CONFIG_CRYPTO_SHA256=m
  179. 5965c5809
  180. < CONFIG_OID_REGISTRY=m
  181. ---
  182. > CONFIG_OID_REGISTRY=m
  183. \ No newline at end of file
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!