Language Selection

English French German Italian Portuguese Spanish

first post- kernels and whatnot

Filed under
News

Well I signed up at the site after I seen they posted on of my howtos which I am thankful for. It was the one on the grsecurity patched kernel. I think it should help quite a few people as there are so many local root exploits out now and most distro's security and dev teams are doing nothing about it. I know I went in centos irc and they was like, "well the 2.6.9-34.0.2.EL kernel is patched against the prctl exploit but not the /proc exploit" They advised me to enable selinux but I was afraid it would interfere with my control panel software and scripts i have running. I asked when they would have the new kernel they said they were working on it. that was about a week ago now.

But as I found out there is no centos dev team, at least not that I know of. All they do is rip redhat's packages and that's is. Which isn't such a bad thing as you are getting an enterprise os for free.

I have tried all local root exploits lately against the latest grsecurity kernel and none worked. Which I do have /proc mounted as nosuid as a precaution. Next is to learn how to use the acl and other features of grsecurity.

More in Tux Machines

today's howtos

A tour of Google's 2016 open source releases

Open source software enables Google to build things quickly and efficiently without reinventing the wheel, allowing us to focus on solving new problems. We stand on the shoulders of giants, and we know it. This is why we support open source and make it easy for Googlers to release the projects they're working on internally as open source. We've released more than 20-million lines of open source code to date, including projects such as Android, Angular, Chromium, Kubernetes, and TensorFlow. Our releases also include many projects you may not be familiar with, such as Cartographer, Omnitone, and Yeoman. Read more

Viewing Linux Logs from the Command Line

At some point in your career as a Linux administrator, you are going to have to view log files. After all, they are there for one very important reason...to help you troubleshoot an issue. In fact, every seasoned administrator will immediately tell you that the first thing to be done, when a problem arises, is to view the logs. And there are plenty of logs to be found: logs for the system, logs for the kernel, for package managers, for Xorg, for the boot process, for Apache, for MySQL… For nearly anything you can think of, there is a log file. Read more

At Long Last, Linux Gets Dynamic Tracing

When the Linux kernel version 4.9 will be released next week, it will come with the last pieces needed to offer to some long-awaited dynamic thread-tracing capabilities. As the keepers of monitoring and debugging software start using these new kernel calls, some of which have been added to the Linux kernel over the last two years, they will be able to offer much more nuanced, and easier to deploy, system performance tools, noted Brendan Gregg, a Netflix performance systems engineer and author of DTrace Tools, in a presentation at the USENIX LISA 2016 conference, taking place this week in Boston. Read more