| 1 |
After re-reading the official announcement, rather than the one I saw on |
| 2 |
a tech news website, it appears only hardened-sources are being pulled |
| 3 |
rather than the whole project. That is good news. For a moment I thought |
| 4 |
all the PaX files were being removed, which would be a major blow to |
| 5 |
security for those who need it. |
| 6 |
|
| 7 |
Per announcement: |
| 8 |
> Also, all PaX related packages, except |
| 9 |
sys-kernel/hardened-sources, will remain available for the time being. |
| 10 |
https://www.gentoo.org/support/news-items/2017-08-19-hardened-sources-removal.html |
| 11 |
|
| 12 |
I guess I can live with an overlay for now, although |
| 13 |
unofficial-hardened-sources would make a nice addition to the entire |
| 14 |
project, they are very stable for me. Thank you again and keep up the |
| 15 |
good work. |
| 16 |
|
| 17 |
On 2017-08-23 10:10, bob@××××××××.com wrote: |
| 18 |
> Hello Everyone, |
| 19 |
> I just heard that gentoo-hardened will be scrapped by end-of-month. |
| 20 |
> Well, I have some good news - it doesn't have to be. A project has |
| 21 |
> risen up to continue supporting the patch on future kernels and I have |
| 22 |
> been running it successfully for over a month with the stock hardened |
| 23 |
> profile. |
| 24 |
> |
| 25 |
> You can download the patches here, they are also GPG signed: |
| 26 |
> https://github.com/minipli/linux-unofficial_grsec/releases |
| 27 |
> |
| 28 |
> So-called "linux-hardened project (KSPP)" and "SELinux" do not even |
| 29 |
> slightly compare at their current stage of development in terms of |
| 30 |
> kernel hardening and PaX protection. In the mid-term, I would |
| 31 |
> recommend using these forward patches for hardened-LTS 4.9.x and hope |
| 32 |
> Gentoo-hardened will continue for awhile longer while we wait for |
| 33 |
> further improvements. |
| 34 |
> |
| 35 |
> Thank you for your time and concern. |
Archives