
Grsecurity? Anyone use this? - Linux-Novice
So, I&#x27;ve been doing some research and seeing that no OS is immune nowadays to external and internal threats, the only solution is SUID and strict compartmentalization of processes and memory usage. Upon doing some research on how best to achieve an optimal state of balancing functionality with security I found a group of dev&#x27;s and some serious minded security experts releasing a project under the name of grsecurity. They&#x27;ve been operating for over 15 years now and are the gold standard in security for UNIX based systems. I find it incomprehensible that popular distro&#x27;s don&#x27;t include this kernel patch by default in their releases. I&#x27;m wondering about your thoughts on this and what can be done to raise awareness of utilizing and possibly funding this research group along with implementing it in popular Linux distro&#x27;s.<p>Thanks.
======
l2dy
It breaks some executables (like "denied RWX mmap"). Security costs usability
in this case. Also it degrades performance.

~~~
Linux-Novice
As a Linux-Novice (as the user name suggests), what would you recommend to
maximize security? I don't feel like the Ubuntu dev's are focusing enough on
security and simply banking or hedging on Windows being the main target for
hacking. Ideally, I would want to know how to install grsecurity on a Mint
distro and try and configure the settings myself.

Any tips appreciated.

