1 |
--[cut]-- |
2 |
Remember that RSBAC does not work with PaX on a recent kernels. |
3 |
--[cut]-- |
4 |
|
5 |
Thank you, 'cause this point |
6 |
(the presence of a usable PaX) |
7 |
is important to me! |
8 |
|
9 |
--[cut]-- |
10 |
While there are some problems with keeping hardened-sources up |
11 |
to date in Portage. ;) So you better use kernel patches from here: |
12 |
http://www.grsecurity.net/~spender/ <http://www.grsecurity.net/%7Espender/> |
13 |
--[cut]-- |
14 |
|
15 |
I see the GR-Security, provided in Hardened Gentoo, |
16 |
is not the bare patch, but an "itself-patched" version, |
17 |
so I'm wondering if these improvements become |
18 |
part of the (following releases of the) official patch, |
19 |
or not; I'm asking this just because, if improvements |
20 |
are not included in the official patch, maybe it's better, |
21 |
for me, to use the gentoo-hardened-kernel-source, |
22 |
not-so-up-to-date, but improved! |
23 |
What do you think about this? |