Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-dev

From: "Francisco Blas Izquierdo Riera (klondike)" <klondike@g.o>
To: gentoo-dev@l.g.o
Subject: Re: [gentoo-dev] New item for sys-kernel/hardened-sources removal
Date: Sat, 19 Aug 2017 11:34:38
Message-Id: 04b1f829-48fd-da30-4770-03ddc297b712@gentoo.org
In Reply to: Re: [gentoo-dev] New item for sys-kernel/hardened-sources removal by "Aaron W. Swenson"
1 El 19/08/17 a las 13:18, Aaron W. Swenson escribió:
2 > On 2017-08-19 13:01, Francisco Blas Izquierdo Riera (klondike) wrote:
3 >> El 19/08/17 a las 12:37, Aaron W. Swenson escribió:
4 >>> On 2017-08-15 17:01, Francisco Blas Izquierdo Riera (klondike) wrote:
5 >>>> Hi!
6 >>>>
7 >>>> I'd like to get this one up by Saturday so that we can proceed with
8 >>>> masking and removing of the hardened-sources after upstream stopped
9 >>>> releasing new patches.
10 >>> I hope I’m not too late.
11 >>>
12 >>>> We'd like to note that all the userspace hardening and MAC support
13 >>>> for SELinux provided by Gentoo Hardened will still remain there and
14 >>>> is unaffected by this removal.
15 >>> Where is there? I think you’re talking about the packages, but the news
16 >>> item is about the kernels. It would help to be more specific here.
17 >>>
18 >>> That’s all I had that the others hadn’t touched on.
19 >> Do you think something like that is better then?
20 >>
21 >> We'd like to note that all the userspace hardening and MAC support
22 >> for SELinux provided by Gentoo Hardened will still remain available
23 >> on the portage. Keep in mind though that the security provided by
24 >> these features will be weakened a bit when using
25 >> sys-kernel/gentoo-sources. Also, all PaX related packages other than
26 >> the hardened-sources will remain available for the time being.
27 >>
28 >>
29 > Much better. We should mention that we’re specifically discussing
30 > packages and not portage itself. At least, that’s my understanding from
31 > your edit.
32 >
33 > Here’s my take on it:
34 >
35 > We'd like to note that all the userspace hardening and MAC support for
36 > SELinux provided by Gentoo Hardened will still remain in the packages
37 > found in portage. Keep in mind, though, that the security provided by
38 > these features will be weakened a bit when using
39 > sys-kernel/gentoo-sources. Also, all PaX related packages, except
40 > sys-kernel/hardened-sources, will remain available for the time being.
41
42 I updated the news item with your propossal. Thanks a lot :)

Attachments

File name MIME type
signature.asc application/pgp-signature

Replies

Subject Author
Re: [gentoo-dev] New item for sys-kernel/hardened-sources removal R0b0t1 <r030t1@×××××.com>
Report Message
Find on MARC Find on Google Groups