> On Aug 1, 2016, at 1:17 PM, Daniel Hlynskyi <[email protected]> wrote: > > Actually, there was a nice addition recently > > https://nixos.org/releases/nixos/unstable/nixos-16.09pre87733.dbd856d/manual/index.html#sec-grsecurity > > <https://nixos.org/releases/nixos/unstable/nixos-16.09pre87733.dbd856d/manual/index.html#sec-grsecurity> > > Just do > security.grsecurity.enable = true; > if you follow unstable
Huh! That was a much easier option. Thanks guys! > 2016-08-01 19:51 GMT+00:00 Matthew Robbetts <[email protected] > <mailto:[email protected]>>: > Hi Nixers, > > I’m interested in setting up grsecurity/PaX protections on my nix machine. My > googling led me quickly to: > https://nixos.org/wiki/Hardened_NixOS <https://nixos.org/wiki/Hardened_NixOS> > > which makes perfect sense. I’m coming from Gentoo anyway, and the Hardened > project there is familiar to me. The instructions there (basically add kernel > options) have also worked just fine (at least, they have affected the outcome > from running paxtest). > > However, I then noticed the existence of > nixos/modules/security/grsecurity.nix, which appears to me to automate some > of this, but is not mentioned at all on the wiki. Is this module the > preferred way to enable grsecurity, and the wiki just needs updating? > > > Ta, > Matt > > _______________________________________________ > nix-dev mailing list > [email protected] <mailto:[email protected]> > http://lists.science.uu.nl/mailman/listinfo/nix-dev > <http://lists.science.uu.nl/mailman/listinfo/nix-dev> > >
_______________________________________________ nix-dev mailing list [email protected] http://lists.science.uu.nl/mailman/listinfo/nix-dev
