Menu
▾
▴
[Devil-linux-commit] build/scripts/config/linux-4.x config_linux.686, 1.13, 1.14
|
From: Heiko Z. <smi...@us...> - 2016-01-02 14:50:55
|
Update of /cvsroot/devil-linux/build/scripts/config/linux-4.x In directory sfp-cvs-1.v30.ch3.sourceforge.com:/tmp/cvs-serv24847 Modified Files: config_linux.686 Log Message: sync grsec config between 686 and x86_64 Index: config_linux.686 =================================================================== RCS file: /cvsroot/devil-linux/build/scripts/config/linux-4.x/config_linux.686,v retrieving revision 1.13 retrieving revision 1.14 diff -u -d -r1.13 -r1.14 --- config_linux.686 26 Dec 2015 20:38:36 -0000 1.13 +++ config_linux.686 2 Jan 2016 14:50:53 -0000 1.14 @@ -4971,6 +4971,7 @@ CONFIG_GRKERNSEC=y # CONFIG_GRKERNSEC_CONFIG_AUTO is not set CONFIG_GRKERNSEC_CONFIG_CUSTOM=y +CONFIG_GRKERNSEC_SYMLINKOWN_GID=103 # # Customize Configuration @@ -5040,7 +5041,7 @@ # CONFIG_GRKERNSEC_MODHARDEN is not set CONFIG_GRKERNSEC_HIDESYM=y # CONFIG_GRKERNSEC_RANDSTRUCT is not set -CONFIG_GRKERNSEC_KERN_LOCKOUT=y +# CONFIG_GRKERNSEC_KERN_LOCKOUT is not set # # Role Based Access Control Options @@ -5057,8 +5058,8 @@ CONFIG_GRKERNSEC_PROC_USER=y CONFIG_GRKERNSEC_PROC_ADD=y CONFIG_GRKERNSEC_LINK=y -# CONFIG_GRKERNSEC_SYMLINKOWN is not set -CONFIG_GRKERNSEC_FIFO=y +CONFIG_GRKERNSEC_SYMLINKOWN=y +# CONFIG_GRKERNSEC_FIFO is not set CONFIG_GRKERNSEC_SYSFS_RESTRICT=y # CONFIG_GRKERNSEC_ROFS is not set # CONFIG_GRKERNSEC_DEVICE_SIDECHANNEL is not set @@ -5083,16 +5084,16 @@ # Kernel Auditing # # CONFIG_GRKERNSEC_AUDIT_GROUP is not set -CONFIG_GRKERNSEC_EXECLOG=y +# CONFIG_GRKERNSEC_EXECLOG is not set CONFIG_GRKERNSEC_RESLOG=y -CONFIG_GRKERNSEC_CHROOT_EXECLOG=y +# CONFIG_GRKERNSEC_CHROOT_EXECLOG is not set CONFIG_GRKERNSEC_AUDIT_PTRACE=y -CONFIG_GRKERNSEC_AUDIT_CHDIR=n +# CONFIG_GRKERNSEC_AUDIT_CHDIR is not set CONFIG_GRKERNSEC_AUDIT_MOUNT=y CONFIG_GRKERNSEC_SIGNAL=y CONFIG_GRKERNSEC_FORKFAIL=y CONFIG_GRKERNSEC_TIME=y -CONFIG_GRKERNSEC_PROC_IPADDR=y +# CONFIG_GRKERNSEC_PROC_IPADDR is not set CONFIG_GRKERNSEC_RWXMAP_LOG=y # @@ -5100,7 +5101,7 @@ # CONFIG_GRKERNSEC_DMESG=y CONFIG_GRKERNSEC_HARDEN_PTRACE=y -# CONFIG_GRKERNSEC_PTRACE_READEXEC is not set +CONFIG_GRKERNSEC_PTRACE_READEXEC=y # CONFIG_GRKERNSEC_SETXID is not set # CONFIG_GRKERNSEC_HARDEN_IPC is not set # CONFIG_GRKERNSEC_TPE is not set @@ -5122,13 +5123,13 @@ # CONFIG_GRKERNSEC_SYSCTL=y # CONFIG_GRKERNSEC_SYSCTL_DISTRO is not set -# CONFIG_GRKERNSEC_SYSCTL_ON is not set +CONFIG_GRKERNSEC_SYSCTL_ON=y # # Logging Options # CONFIG_GRKERNSEC_FLOODTIME=10 -CONFIG_GRKERNSEC_FLOODBURST=10 +CONFIG_GRKERNSEC_FLOODBURST=6 CONFIG_KEYS=y # CONFIG_PERSISTENT_KEYRINGS is not set # CONFIG_BIG_KEYS is not set |
