| 1 |
--[cut]-- |
| 2 |
Remember that RSBAC does not work with PaX on a recent kernels. |
| 3 |
--[cut]-- |
| 4 |
|
| 5 |
Thank you, 'cause this point |
| 6 |
(the presence of a usable PaX) |
| 7 |
is important to me! |
| 8 |
|
| 9 |
--[cut]-- |
| 10 |
While there are some problems with keeping hardened-sources up |
| 11 |
to date in Portage. ;) So you better use kernel patches from here: |
| 12 |
http://www.grsecurity.net/~spender/ <http://www.grsecurity.net/%7Espender/> |
| 13 |
--[cut]-- |
| 14 |
|
| 15 |
I see the GR-Security, provided in Hardened Gentoo, |
| 16 |
is not the bare patch, but an "itself-patched" version, |
| 17 |
so I'm wondering if these improvements become |
| 18 |
part of the (following releases of the) official patch, |
| 19 |
or not; I'm asking this just because, if improvements |
| 20 |
are not included in the official patch, maybe it's better, |
| 21 |
for me, to use the gentoo-hardened-kernel-source, |
| 22 |
not-so-up-to-date, but improved! |
| 23 |
What do you think about this? |
Archives