Gentoo Archives: gentoo-hardened

From: Marco Venutti <veeenrg@×××××.com>
To: gentoo-hardened@l.g.o
Subject: Re: [gentoo-hardened] "How hard" is Linux kernel-side hardening?
Date: Mon, 21 Sep 2009 15:10:37
In Reply to: Re: [gentoo-hardened] "How hard" is Linux kernel-side hardening? by Pavel Labushev
Remember that RSBAC does not work with PaX on a recent kernels.

Thank you, 'cause this point
(the presence of a usable PaX)
is important to me!

While there are some problems with keeping hardened-sources up
to date in Portage. ;) So you better use kernel patches from here: <>

I see the GR-Security, provided in Hardened Gentoo,
is not the bare patch, but an "itself-patched" version,
so I'm wondering if these improvements become
part of the (following releases of the) official patch,
or not; I'm asking this just because, if improvements
are not included in the official patch, maybe it's better,
for me, to use the gentoo-hardened-kernel-source,
not-so-up-to-date, but improved!
What do you think about this?


Subject Author
Re: [gentoo-hardened] "How hard" is Linux kernel-side hardening? RB <aoz.syn@×××××.com>