1 |
Hi, |
2 |
|
3 |
I don't have much to add, but I'd like to clear two misunderstandings |
4 |
here: |
5 |
|
6 |
On Mon, 8 May 2017 20:08:07 +0200 |
7 |
Miroslav Rovis <miro.rovis@××××××××××××××.hr> wrote: |
8 |
|
9 |
> And really since late in 2016 no more entries in the Changelog. Pls. |
10 |
> note that I'm only stating the facts, not complaining. |
11 |
|
12 |
AFAIK the Changelogs aren't updated anymore (in the whole gentoo tree). |
13 |
|
14 |
> > * NSA SELinux instead PAX MPROTECT? |
15 |
> I hope this is a joke. It looks like one, at first sight, but there |
16 |
> are half a dozen "NSA SELinux" instances to be found in the latest |
17 |
> hardened-sources. |
18 |
> |
19 |
> # grep 'NSA SE' /usr/src/linux/security/selinux/Kconfig |
20 |
> bool "NSA SELinux Support" |
21 |
> ... |
22 |
> # |
23 |
> (where linux is a hardened-sources installation) |
24 |
> |
25 |
> If hardened would be down to SELinux, I wouldn't be hardening any |
26 |
> more. |
27 |
|
28 |
SELinux isn't a patch applied by hardened-sources, it's a subsystem of |
29 |
the mainline kernel. grsec was really the only significant difference |
30 |
between hardened-sources and gentoo-sources. |
31 |
|
32 |
Regards, |
33 |
Luis |