1 |
On Mon, 2005-12-05 at 12:04 +0100, Max Lorenz wrote: |
2 |
> Hi all. |
3 |
> |
4 |
> On a server I'd normally only update for security and bug fixes or new |
5 |
> stuff I'm interested in and until now I pretty much skipped toolchain |
6 |
> updates. But in the light of the recent binutils, gcc, etc. updates |
7 |
> and as the toolchain contains much of the hardened logic (pie, ssp) my |
8 |
> question is: should I always update to the latest (stable) toolchain |
9 |
> packages, especially from a security POV? I'm running grsecurity and |
10 |
> PaX w/o RBAC if that matters. |
11 |
|
12 |
|
13 |
I don't think the toolchain (3.3.x vs 3.4.x) matter from a sec POV. |
14 |
|
15 |
|
16 |
> Another question. How long will 2.4 kernels be supported by the |
17 |
> Hardened project? Because IIRC grsecurity and RSBAC still recommend |
18 |
> the usage of 2.4 kernels as default. |
19 |
|
20 |
hardened-sources-2.4.32 was marked stable yesterday. |
21 |
It will be supported till such time as it can't be or all existing |
22 |
developers have lost interest. I can't really see that happening |
23 |
anytime soon, but the pace is for sure slowing down. |
24 |
|
25 |
-- |
26 |
Ned Ludd <solar@g.o> |
27 |
Gentoo Linux |
28 |
|
29 |
-- |
30 |
gentoo-hardened@g.o mailing list |