I just saw the changes in your recent release. I still have a few remarks: 1] Recommendation from compatibility with ubuntu system: Rename grsec.conf to 10-grsec.conf or 30-grsec.conf view /etc/sysctl.d/README (ubuntu procps). 2] chmod 600 if possible! if an attacker access in system (system without RBAC), this file indicate the grsecurity options which are deactivated... Practice to try to become root. 3] Consider adding in postinst "usermod -aG grsec-tpe root ||true" for avoid many problems (systemd).
-- Best regards, HacKurx (Loic)
