| 1 |
> Von: pageexec@××××××××.hu |
| 2 |
|
| 3 |
> when you speak of virtualization and kernels, you should always specify |
| 4 |
> whether you're talking about the guest or host kernel (or both) as the |
| 5 |
> answer varies between them. |
| 6 |
|
| 7 |
I was thinking about both but at least I want it for the host side. |
| 8 |
|
| 9 |
> on the host side, i think pretty much all of grsec/PaX will work fine |
| 10 |
> except for KERNEXEC (and even that is not unfixable either, but it needs |
| 11 |
> a patch in the hypervisor code itself, not PaX). |
| 12 |
|
| 13 |
Unfortunately I am not able to do such coding :-/ |
| 14 |
If you talk about KERNEXEC I guess the kernel option CONFIG_GRKERNSEC_KMEM has to be disabled. Could I use RBAC |
| 15 |
to get back anything of the lost protection? |
| 16 |
|
| 17 |
If I want to try XEN what's the preferred way to implement it? Downloading |
| 18 |
a kernel patched with XEN and then patching with grsecurity or reverse? |
| 19 |
|
| 20 |
Best Regards, |
| 21 |
|
| 22 |
Werner |
| 23 |
-- |
| 24 |
GMX FreeMail: 1 GB Postfach, 5 E-Mail-Adressen, 10 Free SMS. |
| 25 |
Alle Infos und kostenlose Anmeldung: http://www.gmx.net/de/go/freemail |
| 26 |
-- |
| 27 |
gentoo-hardened@g.o mailing list |
Archives