Changes

Jump to: navigation, search

Grsecurity

3 bytes added, 10:37, 13 November 2007
m
minor english fixes TPE (Trusted Path Execution)
Starting from 2.6.18-028stab047.1 stable kernels OpenVZ kernels support TPE grsecurity feature out of the box.
Which means root user can configure TPE inside VE as usually accessing usual, i.e. via the following /proc files:
* /proc/sys/kernel/grsecurity/grsec_lock
* /proc/sys/kernel/grsecurity/tpe
* /proc/sys/kernel/grsecurity/tpe_restrict_all
To enable TPE feature in a standard way just type:
# echo <GID> > /proc/sys/kernel/grsecurity/tpe_gid
# echo 1 > /proc/sys/kernel/grsecurity/tpe

Navigation menu