1 |
Le Mercredi 24 Mars 2010 20:47:08, Mansour Moufid a écrit : |
2 |
> Hello, |
3 |
> |
4 |
> The latest stable release of grsecurity is for 2.6.32 kernels. |
5 |
> Gentoo's hardened-sources have been stuck at 2.6.28-r9 for a while |
6 |
> now. Is there any particular reason for this? |
7 |
> |
8 |
> Stability is important, but it's also fact that many (most?) |
9 |
> vulnerabilities in Linux are fixed silently as non-security updates in |
10 |
> the latest kernels. The grsecurity/PaX team has been tracking and |
11 |
> backporting these sorts of stealth vulnerability fixes. Therefore, |
12 |
> would it not make more sense for Gentoo Hardened to follow their lead? |
13 |
> Especially considering they will be supporting 2.6.32 on a long term |
14 |
> basis[1]. |
15 |
> |
16 |
> Thanks for your time. |
17 |
> |
18 |
> [1] <http://grsecurity.net/news.php#stablechosen> |
19 |
|
20 |
Try hardened-development overlay (available via layman) |
21 |
http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-dev.git;a=summary |
22 |
|
23 |
It provides a recent kernel and some toolchain patches |
24 |
|
25 |
|
26 |
|
27 |
-- |
28 |
Guillaume Castagnino |
29 |
casta@×××××.info / guillaume@××××××××××.org |