[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] SUSE Security Announcement: Linux Kernel (SuSE-SA:2004:003)



> Philippe Vogel wrote:
> > Within the last months there where more and more exploits on the web
than
> > ever.
> > This is the right time to think over and do something in future
security.
> >
> > This would be for example patching the SuSE-kernel with
> > http://www.grsecurity.org/ or for minimum http://pax.grsecurity.net/
like
> > some distributions already did.
> >
> > This does not help solving any new exploits but makes it a little bit
harder
> > to install not wanted software on servers because only allowed processes
are
> > allowed to work :-)
> >
> > This may be an optional part, but would improve more, than the "other"
> > security-patch provided by SuSE.
> >
> > For me it worked.
>
> Could you please expand on your "For me it worked" statement? Have you
> experienced any issues, even minor ones, with standard services like
> Samba, Apache, Postfix, etc..

There are basic configurations for debian, but with knowledge on SuSE you
will be able to configure it to your delight.
There where no compliling problems (even without gcc 2.95 rc2 :-) ).
You can make a cloneconfig with renaming the old Makefile and copying the
Makefile from the SuSE - sources.
After make cloneconfig you have to copy the original Makefile back again
where it belonged.
After that make dep bzImage modules modules_install install && /sbin/lilo
(if you use lilo).

Philippe


-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here