General questions

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.

Moderators: spender, PaX Team

General questions

Postby karlsc » Fri Jul 17, 2015 7:21 am

Hello,

I have some questions with the grsecurity path.

1) I've successfully built a kernel for my compagny with grsecurity that perfectly fits my needs. However, few days (or even few hours later) a new version of the grsecurity package is available.

My concern is about how often I have to reasonably recompile the kernel? Is there a risk to leave an old kernel in production servers like one month ?

It's especially a problem with core database servers, because I have to avoid reboot.

2) It's very difficult to measure the performance overhead. I have configured grsecurity with Automatic, Performance, and Server.

How much overhead I can expect with software like Apache2, php5-fpm, and MySQL ?

Thank you very much.

Karl
karlsc
 
Posts: 1
Joined: Fri Jul 17, 2015 7:09 am

Return to grsecurity support

cron