| 1 |
On Mon, 1 May 2017 09:38:43 +0000 Sven Vermeulen wrote: |
| 2 |
> Hi all, |
| 3 |
> |
| 4 |
> There is a nice debate ongoing on the mailinglist [1] on the topic of |
| 5 |
> grsecurity's recent decision to no longer provide the test patches to the |
| 6 |
> public. I'd like to keep the debate on the rationale of it in that |
| 7 |
> discussion, but focus here on what we, from Gentoo Hardened, now need to do |
| 8 |
> or which direction we're going to move forward with. |
| 9 |
> |
| 10 |
> [1] |
| 11 |
> https://archives.gentoo.org/gentoo-hardened/message/a06145056b167f52c079bffd9c9a51ac |
| 12 |
> |
| 13 |
> The obvious step is indeed to stop further *current* development on |
| 14 |
> hardened-sources. |
| 15 |
|
| 16 |
Why not support hardened-sources while corresponding vanilla |
| 17 |
kernels are still supported? E.g. 4.9 is a longterm branch, so we |
| 18 |
should be able to keep hardened-sources-4.9* up-to-date with |
| 19 |
vanilla bugfixes. This will give a nice transition period for |
| 20 |
hardened users. |
| 21 |
|
| 22 |
Best regards, |
| 23 |
Andrew Savchenko |
Archives