On Mon, Feb 07, 2005 at 02:10:07PM +0100, Andras Got wrote: > You should start with grsec low and proc restricions set customly. > Hardening your kernel is always a option.
Running grsec isn't a problem, I use on both clients and servers. Dont start with grsec low but with the custom option, CONFIG_GRKERNSEC_CUSTOM and read the help sections. > The grsec default high settings, IIRC it defaults to custom. > and PaX break Jetty (java server container) in two, so it simply won't > start, gradm won't help as I know. changing PaX-settings is done by chpax or paxctl. gradm is for the acl. if something breaks chpax -peMRXs usually works, after that its about fine tuning. /Thomas --
signature.asc
Description: Digital signature
