[Devil-linux-commit] build/scripts/config/linux-4.x config_linux.686, 1.13, 1.14

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Update of /cvsroot/devil-linux/build/scripts/config/linux-4.x
In directory sfp-cvs-1.v30.ch3.sourceforge.com:/tmp/cvs-serv24847

Modified Files:
	config_linux.686 
Log Message:
sync grsec config between 686 and x86_64


Index: config_linux.686
===================================================================
RCS file: /cvsroot/devil-linux/build/scripts/config/linux-4.x/config_linux.686,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -d -r1.13 -r1.14

--- config_linux.686	26 Dec 2015 20:38:36 -0000	1.13
+++ config_linux.686	2 Jan 2016 14:50:53 -0000	1.14
@@ -4971,6 +4971,7 @@
 CONFIG_GRKERNSEC=y
 # CONFIG_GRKERNSEC_CONFIG_AUTO is not set
 CONFIG_GRKERNSEC_CONFIG_CUSTOM=y
+CONFIG_GRKERNSEC_SYMLINKOWN_GID=103
 
 #
 # Customize Configuration
@@ -5040,7 +5041,7 @@
 # CONFIG_GRKERNSEC_MODHARDEN is not set
 CONFIG_GRKERNSEC_HIDESYM=y
 # CONFIG_GRKERNSEC_RANDSTRUCT is not set
-CONFIG_GRKERNSEC_KERN_LOCKOUT=y
+# CONFIG_GRKERNSEC_KERN_LOCKOUT is not set
 
 #
 # Role Based Access Control Options
@@ -5057,8 +5058,8 @@
 CONFIG_GRKERNSEC_PROC_USER=y
 CONFIG_GRKERNSEC_PROC_ADD=y
 CONFIG_GRKERNSEC_LINK=y
-# CONFIG_GRKERNSEC_SYMLINKOWN is not set
-CONFIG_GRKERNSEC_FIFO=y
+CONFIG_GRKERNSEC_SYMLINKOWN=y
+# CONFIG_GRKERNSEC_FIFO is not set
 CONFIG_GRKERNSEC_SYSFS_RESTRICT=y
 # CONFIG_GRKERNSEC_ROFS is not set
 # CONFIG_GRKERNSEC_DEVICE_SIDECHANNEL is not set
@@ -5083,16 +5084,16 @@
 # Kernel Auditing
 #
 # CONFIG_GRKERNSEC_AUDIT_GROUP is not set
-CONFIG_GRKERNSEC_EXECLOG=y
+# CONFIG_GRKERNSEC_EXECLOG is not set
 CONFIG_GRKERNSEC_RESLOG=y
-CONFIG_GRKERNSEC_CHROOT_EXECLOG=y
+# CONFIG_GRKERNSEC_CHROOT_EXECLOG is not set
 CONFIG_GRKERNSEC_AUDIT_PTRACE=y
-CONFIG_GRKERNSEC_AUDIT_CHDIR=n
+# CONFIG_GRKERNSEC_AUDIT_CHDIR is not set
 CONFIG_GRKERNSEC_AUDIT_MOUNT=y
 CONFIG_GRKERNSEC_SIGNAL=y
 CONFIG_GRKERNSEC_FORKFAIL=y
 CONFIG_GRKERNSEC_TIME=y
-CONFIG_GRKERNSEC_PROC_IPADDR=y
+# CONFIG_GRKERNSEC_PROC_IPADDR is not set
 CONFIG_GRKERNSEC_RWXMAP_LOG=y
 
 #
@@ -5100,7 +5101,7 @@
 #
 CONFIG_GRKERNSEC_DMESG=y
 CONFIG_GRKERNSEC_HARDEN_PTRACE=y
-# CONFIG_GRKERNSEC_PTRACE_READEXEC is not set
+CONFIG_GRKERNSEC_PTRACE_READEXEC=y
 # CONFIG_GRKERNSEC_SETXID is not set
 # CONFIG_GRKERNSEC_HARDEN_IPC is not set
 # CONFIG_GRKERNSEC_TPE is not set
@@ -5122,13 +5123,13 @@
 #
 CONFIG_GRKERNSEC_SYSCTL=y
 # CONFIG_GRKERNSEC_SYSCTL_DISTRO is not set
-# CONFIG_GRKERNSEC_SYSCTL_ON is not set
+CONFIG_GRKERNSEC_SYSCTL_ON=y
 
 #
 # Logging Options
 #
 CONFIG_GRKERNSEC_FLOODTIME=10
-CONFIG_GRKERNSEC_FLOODBURST=10
+CONFIG_GRKERNSEC_FLOODBURST=6
 CONFIG_KEYS=y
 # CONFIG_PERSISTENT_KEYRINGS is not set
 # CONFIG_BIG_KEYS is not set



