[ubuntu-hardened] Re: grsecurity vs vsecurity vs breezy

jeff.schroeder2 at us.army.mil jeff.schroeder2 at us.army.mil
Sun Oct 16 23:28:18 CDT 2005

Not that much longer, and a new version of
vsecurity will come out that encompasses the
functionality of cap_over. That means that you
will be able to remove suid root from many system
binaries with a simple policy file. Unlike
SELinux policy files, cap_over is a bit more
admin friendly.

A few links:

vSecurity is designed to take the best from several
projects like grsecurity, openwall, and cap_over and
combine them into a "drop in" security solution.
Grsecurity is much more intrusive than vSecurity by
design and requires more work from the admin. Just
my 2 cents.
           jeff schroeder

More information about the ubuntu-hardened mailing list