| 1 |
On Wed, 11 Apr 2007 14:58:41 -0700 |
| 2 |
Ned Ludd <solar@g.o> wrote: |
| 3 |
|
| 4 |
> On Wed, 2007-04-11 at 23:40 +0200, Natanael Copa wrote: |
| 5 |
> > On Wed, 11 Apr 2007 12:20:32 -0700 |
| 6 |
> > Ned Ludd <solar@g.o> wrote: |
| 7 |
> > |
| 8 |
> > > On Wed, 2007-04-11 at 20:51 +0200, Natanael Copa wrote: |
| 9 |
> > > > Hi, |
| 10 |
> > > > |
| 11 |
> > > > Are there any plans for official vserver+grsecurity sources? They have |
| 12 |
> > > > patches on the vserver frontpage. |
| 13 |
> > > |
| 14 |
> > > Not officially. But users report being able to swap in the vserver |
| 15 |
> > > patched grsec easy enough over the 4450_grsec.. But long term I do not |
| 16 |
> > > think this is something hardened directly wishes to support cuz the |
| 17 |
> > > patching tends to involve ~30 or so rejects. |
| 18 |
> > |
| 19 |
> > why not use the patches on vanilla? |
| 20 |
> |
| 21 |
> vanilla or not. grsec-only and vserver touch several of the same areas |
| 22 |
> the in a kernel. |
| 23 |
|
| 24 |
I don't quite follow. Will the |
| 25 |
http://people.linux-vserver.org/~harry/patch-2.6.19.7-vs2.2.0-grsec2.1.10-20070402.diff vserver+grsec patch they provide on the vserver frontpage |
| 26 |
http://linux-vserver.org not "just work" on vanilla? |
| 27 |
|
| 28 |
I have not yet tried vserver. A user requested it and i have also been looking for a paravirtualization for grsec latetly. Seems like vserver is the only thing that works with grsec uless you have VT hardware or run full virtualization like vmware. (the user said it was even possible to run vserver inside vmware) |
| 29 |
|
| 30 |
Natanael Copa |
| 31 |
-- |
| 32 |
gentoo-hardened@g.o mailing list |
Archives