[Nix-dev] grsecurity on Nix
Daniel Hlynskyi
abcz2.uprola at gmail.com
Mon Aug 1 22:17:40 CEST 2016
Actually, there was a nice addition recently
https://nixos.org/releases/nixos/unstable/nixos-16.09pre87733.dbd856d/manual/index.html#sec-grsecurity
Just do
security.grsecurity.enable = true;
if you follow unstable
2016-08-01 19:51 GMT+00:00 Matthew Robbetts <wingfeathera at gmail.com>:
> Hi Nixers,
>
> I’m interested in setting up grsecurity/PaX protections on my nix machine.
> My googling led me quickly to:
> https://nixos.org/wiki/Hardened_NixOS
>
> which makes perfect sense. I’m coming from Gentoo anyway, and the Hardened
> project there is familiar to me. The instructions there (basically add
> kernel options) have also worked just fine (at least, they have affected
> the outcome from running paxtest).
>
> However, I then noticed the existence of
> nixos/modules/security/grsecurity.nix, which appears to me to automate
> some of this, but is not mentioned at all on the wiki. Is this module the
> preferred way to enable grsecurity, and the wiki just needs updating?
>
>
> Ta,
> Matt
>
> _______________________________________________
> nix-dev mailing list
> nix-dev at lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.science.uu.nl/pipermail/nix-dev/attachments/20160801/9253647f/attachment.html>
More information about the nix-dev
mailing list