[Dailydave] Is Windows Integrity Control in Vista really worth the performance hit? And does it really work?
Chris Rohlf
chris.rohlf at gmail.com
Sat Mar 3 09:44:12 EST 2007
Yes you would take certain pax permissions off applications that
require an executable stack (x.org, jvm come to mind).
But proper SElinux controls can still be applied to them. I was more
specifically looking for how to bypass those MAC and RBAC features of
SElinux and grsecurity without a kernel vulnerability.
Chris
On 3/2/07, endrazine <endrazine at gmail.com> wrote:
> Chris Rohlf a écrit :
> > This sort of goes without saying. But what other known 'bypasses' are
> > there for grsec or SElinux that don't require a kernel vulnerability?
> > Im asking honestly, its been awhile since I've looked into this stuff.
> >
> Afaik, Pax, grsec etc do _never_ randomize Xorg.
>
>
> endrazine-
--
http://em386.blogspot.com
More information about the Dailydave
mailing list