1 |
Matt Poletiek wrote: |
2 |
|
3 |
>> > What do I lose by disabling it? If I am reading this correctly all the |
4 |
>> > grsec features will be on by default if sysctl support is disabled? |
5 |
|
6 |
>> The reason it's killing the hardened features is you can do |
7 |
>> something like "sysctl -w someHardenedFeature=0" to disable it. I'm |
8 |
>> sure others will have a much better explanation, but I believe |
9 |
>> disabling sysctl will be the quick and proper fix. |
10 |
|
11 |
> If I make the change will I have to recompile the toolchain&userland? |
12 |
> Just booting the new kernel didnt fix anything. |
13 |
|
14 |
Enabling or disabling grsec's sysctl support requires only a kernel |
15 |
compile and reboot into the new kernel. Your experience simply shows |
16 |
that sysctl support wasn't the problem. |
17 |
|
18 |
Cheers |
19 |
|
20 |
Andrew |