Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-hardened

From: Ned Ludd <solar@g.o>
To: gentoo-hardened@l.g.o
Subject: Re: [gentoo-hardened] hardened-sources + vserver?
Date: Wed, 11 Apr 2007 22:59:26
Message-Id: 1176332248.8703.17.camel@onyx.private.gni.com
In Reply to: Re: [gentoo-hardened] hardened-sources + vserver? by Natanael Copa
1 On Thu, 2007-04-12 at 00:40 +0200, Natanael Copa wrote:
2 > On Wed, 11 Apr 2007 14:58:41 -0700
3 > Ned Ludd <solar@g.o> wrote:
4 >
5 > > On Wed, 2007-04-11 at 23:40 +0200, Natanael Copa wrote:
6 > > > On Wed, 11 Apr 2007 12:20:32 -0700
7 > > > Ned Ludd <solar@g.o> wrote:
8 > > >
9 > > > > On Wed, 2007-04-11 at 20:51 +0200, Natanael Copa wrote:
10 > > > > > Hi,
11 > > > > >
12 > > > > > Are there any plans for official vserver+grsecurity sources? They have
13 > > > > > patches on the vserver frontpage.
14 > > > >
15 > > > > Not officially. But users report being able to swap in the vserver
16 > > > > patched grsec easy enough over the 4450_grsec.. But long term I do not
17 > > > > think this is something hardened directly wishes to support cuz the
18 > > > > patching tends to involve ~30 or so rejects.
19 > > >
20 > > > why not use the patches on vanilla?
21 > >
22 > > vanilla or not. grsec-only and vserver touch several of the same areas
23 > > the in a kernel.
24 >
25 > I don't quite follow. Will the
26 > http://people.linux-vserver.org/~harry/patch-2.6.19.7-vs2.2.0-grsec2.1.10-20070402.diff vserver+grsec patch they provide on the vserver frontpage
27 > http://linux-vserver.org not "just work" on vanilla?
28
29 probably would work.. guessing vanilla is what they base the patch on
30 anyway. But either way it's not something that hardened itself directly
31 wishes to support at this time..
32
33 Good luck however.
34
35
36
37 > I have not yet tried vserver. A user requested it and i have also been looking for a paravirtualization for grsec latetly. Seems like vserver is the only thing that works with grsec uless you have VT hardware or run full virtualization like vmware. (the user said it was even possible to run vserver inside vmware)
38 >
39 > Natanael Copa
40 --
41 Ned Ludd <solar@g.o>
42 Gentoo Linux
43
44 --
45 gentoo-hardened@g.o mailing list
Report Message
Find on MARC Find on Google Groups