| 1 |
I requested a quote from GRsecurity and they told me that although they |
| 2 |
are looking at providing a package for personal customers they don't |
| 3 |
have one at the moment. They recommended minipli as the next best thing... |
| 4 |
|
| 5 |
What about the grsecurity-source overlay? |
| 6 |
|
| 7 |
On 29/03/18 11:47, Guillaume Ceccarelli wrote: |
| 8 |
> Hi all, |
| 9 |
> |
| 10 |
> I’ve been a grsecurity customer for a little over two years now, and |
| 11 |
> my use of it is as a small business, on Gentoo server installations. |
| 12 |
> While I can’t disclose the amount of money I’m paying publicly because |
| 13 |
> every deal is customized, I would encourage you to get in touch using |
| 14 |
> the contact form on grsecurity.net <http://grsecurity.net/> and ask |
| 15 |
> for a quote if you haven’t already. |
| 16 |
> |
| 17 |
> You might just end up with an arrangement you can afford, and grsec is |
| 18 |
> still certainly worth having today. Not only for the feature set, but |
| 19 |
> also for the constant looking over the mainline Linux kernel code, |
| 20 |
> including fixing and backporting more fixes than the regular kernel |
| 21 |
> stable releases, and for knowledge / emails giving context to |
| 22 |
> important kernel vulnerabilities when they occur. |
| 23 |
> |
| 24 |
> |
| 25 |
> Best, |
| 26 |
> |
| 27 |
> – Guillaume Ceccarelli |
| 28 |
> |
| 29 |
> On 28 Mar 2018, at 20:22, R0b0t1 <r030t1@×××××.com |
| 30 |
> <mailto:r030t1@×××××.com>> wrote: |
| 31 |
> |
| 32 |
>> On Wed, Mar 28, 2018 at 12:40 PM, Alex Efros <powerman@××××××××.name |
| 33 |
>> <mailto:powerman@××××××××.name>> wrote: |
| 34 |
>>> Hi! |
| 35 |
>>> |
| 36 |
>>> On Wed, Mar 28, 2018 at 06:06:00PM +0100, Robert Sharp wrote: |
| 37 |
>>>> Does anyone know of a good, post GRSecurity guide to reasonable |
| 38 |
>>>> security |
| 39 |
>>>> for the kernel? In the absence of anything else I will have to go back |
| 40 |
>>>> to the KSPP list and start removing stuff until I can get a stable |
| 41 |
>>>> kernel. |
| 42 |
>>> |
| 43 |
>>> I'm using https://github.com/minipli/linux-unofficial_grsec, but it |
| 44 |
>>> lacks |
| 45 |
>>> Spectre and Meltdown mitigation at the moment (see issues). Still, I |
| 46 |
>>> believe it's the best we can have now (better is probably paid |
| 47 |
>>> GrSec, but |
| 48 |
>>> AFAIK it's impossible or too costly to buy it for home or small |
| 49 |
>>> business). |
| 50 |
>>> |
| 51 |
>> |
| 52 |
>> Previous contributors have access to the code, but it doesn't seem |
| 53 |
>> like there is any way to go that route anymore. |
| 54 |
>> |
Archives