1 |
Mivz wrote: |
2 |
|
3 |
> When I use the hardened portage profile |
4 |
> (/usr/portage/profiles/hardened/x86) |
5 |
> I can not merge a 2.6 kernel. It reports it is masked by profile. |
6 |
> Then a again. When I want to use SELinux it is advised to use a 2.6 |
7 |
> kernel. |
8 |
> This is no problem whit the SELinux profile. |
9 |
> But when the SELinux distro is hardened, why can't I use a 2.6 kernel |
10 |
> whit the default hardened profile? |
11 |
> Is 2.6 not secure enoughe? Is 2.6 onley secure enoughe whit SELinux |
12 |
> enabled? |
13 |
> |
14 |
> What does the hardened/SELinux profile actually do, except for the |
15 |
> CFLAGS, LDFLAGS and the package masks? Could I just use a normal |
16 |
> profile and add the correct flags to my make.conf? |
17 |
> Or are the use flags (hardened, pic and pie) enough to build a |
18 |
> Hardened Gentoo system and will the ebuilds addapt the FLAGS to those? |
19 |
> |
20 |
> Mivz |
21 |
|
22 |
To phrase it clearly, default kernel with hardened profile is 2.4, while |
23 |
its 2.6 with other profiles. |
24 |
This is because the 2.4 kernel is usually considered more stable/secure |
25 |
as it does not change a lot and has been reviewed a few times. |
26 |
|
27 |
So you should just point your profile to 2.6 |
28 |
-- |
29 |
gentoo-hardened@g.o mailing list |