# Grsecurity
#
CONFIG_GRKERNSEC=y
-# CONFIG_GRKERNSEC_LOW is not set
-# CONFIG_GRKERNSEC_MEDIUM is not set
-# CONFIG_GRKERNSEC_HIGH is not set
-CONFIG_GRKERNSEC_CUSTOM=y
+# CONFIG_GRKERNSEC_CONFIG_AUTO is not set
+CONFIG_GRKERNSEC_CONFIG_CUSTOM=y
+CONFIG_GRKERNSEC_PROC_GID=10
+
+#
+# Customize Configuration
+#
+
+#
+# PaX
+#
+CONFIG_PAX=y
+
+#
+# PaX Control
+#
+# CONFIG_PAX_SOFTMODE is not set
+CONFIG_PAX_EI_PAX=y
+CONFIG_PAX_PT_PAX_FLAGS=y
+# CONFIG_PAX_XATTR_PAX_FLAGS is not set
+# CONFIG_PAX_NO_ACL_FLAGS is not set
+CONFIG_PAX_HAVE_ACL_FLAGS=y
+# CONFIG_PAX_HOOK_ACL_FLAGS is not set
+
+#
+# Non-executable pages
+#
+CONFIG_PAX_KERNEXEC_PLUGIN_METHOD=""
+
+#
+# Address Space Layout Randomization
+#
+CONFIG_PAX_ASLR=y
+CONFIG_PAX_RANDUSTACK=y
+CONFIG_PAX_RANDMMAP=y
+
+#
+# Miscellaneous hardening features
+#
+CONFIG_PAX_USERCOPY=y
#
# Memory Protections
CONFIG_GRKERNSEC_PROC=y
# CONFIG_GRKERNSEC_PROC_USER is not set
CONFIG_GRKERNSEC_PROC_USERGROUP=y
-CONFIG_GRKERNSEC_PROC_GID=10
CONFIG_GRKERNSEC_PROC_ADD=y
CONFIG_GRKERNSEC_LINK=y
CONFIG_GRKERNSEC_FIFO=y
# CONFIG_GRKERNSEC_SOCKET is not set
#
-# Sysctl support
+# Sysctl Support
#
# CONFIG_GRKERNSEC_SYSCTL is not set
#
CONFIG_GRKERNSEC_FLOODTIME=10
CONFIG_GRKERNSEC_FLOODBURST=6
-
-#
-# PaX
-#
-CONFIG_PAX=y
-
-#
-# PaX Control
-#
-# CONFIG_PAX_SOFTMODE is not set
-CONFIG_PAX_EI_PAX=y
-CONFIG_PAX_PT_PAX_FLAGS=y
-# CONFIG_PAX_XATTR_PAX_FLAGS is not set
-# CONFIG_PAX_NO_ACL_FLAGS is not set
-CONFIG_PAX_HAVE_ACL_FLAGS=y
-# CONFIG_PAX_HOOK_ACL_FLAGS is not set
-
-#
-# Non-executable pages
-#
-CONFIG_PAX_KERNEXEC_PLUGIN_METHOD=""
-
-#
-# Address Space Layout Randomization
-#
-CONFIG_PAX_ASLR=y
-CONFIG_PAX_RANDUSTACK=y
-CONFIG_PAX_RANDMMAP=y
-
-#
-# Miscellaneous hardening features
-#
-CONFIG_PAX_USERCOPY=y
CONFIG_KEYS=y
# CONFIG_ENCRYPTED_KEYS is not set
CONFIG_KEYS_DEBUG_PROC_KEYS=y
projects / people / ms / ipfire-3.x.git / blobdiff