Thx for sharing this kernel option, and this experience.
Under Gentoo Linux it is very easy to have GRSecurity. I do use it both on my desktop and my server w/o bigger problems.
So I'm thinking about destroying my current vps relay, then rebuild a new "hardened" one may be more secure (I hope) after reading some tips about securing Debian... try to do my best, next time :p
But if I understand well, a user from the IP address 5.79.67.47 has tried to execute system commands after beeing connected successfully to your boinc instance ?
That was my understanding - right. OTOH I'm unsure if this is the only explanation - maybe there's a harmless one too.
Humm, if using a firewall script (iptables may be too in Gentoo?) to block everything /from/ the world, I think it's ok? Activate only SSH + TOR ports open. Boinc will only need to /connect to outside/ as a client (of course only your personal IP will be able to connect from outside with the manager)