| 1 |
Hi, |
| 2 |
|
| 3 |
I don't have much to add, but I'd like to clear two misunderstandings |
| 4 |
here: |
| 5 |
|
| 6 |
On Mon, 8 May 2017 20:08:07 +0200 |
| 7 |
Miroslav Rovis <miro.rovis@××××××××××××××.hr> wrote: |
| 8 |
|
| 9 |
> And really since late in 2016 no more entries in the Changelog. Pls. |
| 10 |
> note that I'm only stating the facts, not complaining. |
| 11 |
|
| 12 |
AFAIK the Changelogs aren't updated anymore (in the whole gentoo tree). |
| 13 |
|
| 14 |
> > * NSA SELinux instead PAX MPROTECT? |
| 15 |
> I hope this is a joke. It looks like one, at first sight, but there |
| 16 |
> are half a dozen "NSA SELinux" instances to be found in the latest |
| 17 |
> hardened-sources. |
| 18 |
> |
| 19 |
> # grep 'NSA SE' /usr/src/linux/security/selinux/Kconfig |
| 20 |
> bool "NSA SELinux Support" |
| 21 |
> ... |
| 22 |
> # |
| 23 |
> (where linux is a hardened-sources installation) |
| 24 |
> |
| 25 |
> If hardened would be down to SELinux, I wouldn't be hardening any |
| 26 |
> more. |
| 27 |
|
| 28 |
SELinux isn't a patch applied by hardened-sources, it's a subsystem of |
| 29 |
the mainline kernel. grsec was really the only significant difference |
| 30 |
between hardened-sources and gentoo-sources. |
| 31 |
|
| 32 |
Regards, |
| 33 |
Luis |
Archives