1 |
o_O I don't see grsecurity there! Am I blind? |
2 |
|
3 |
.config - Linux Kernel v2.6.36-hardened-r5 Configuration |
4 |
────────────────────────────────────────────────────────────────────────────── |
5 |
┌─────────────────────────── Security options ────────────────────────────┐ |
6 |
│ Arrow keys navigate the menu. <Enter> selects submenus --->. │ |
7 |
│ Highlighted letters are hotkeys. Pressing <Y> includes, <N> excludes, │ |
8 |
│ <M> modularizes features. Press <Esc><Esc> to exit, <?> for Help, </> │ |
9 |
│ for Search. Legend: [*] built-in [ ] excluded <M> module < > │ |
10 |
│ ┌─────────────────────────────────────────────────────────────────────┐ │ |
11 |
│ │ -*- Enable access key retention support │ │ |
12 |
│ │ [*] Enable the /proc/keys file by which keys may be viewed │ │ |
13 |
│ │ [*] Enable different security models │ │ |
14 |
│ │ [ ] Enable the securityfs filesystem │ │ |
15 |
│ │ [*] Socket and Networking Security Hooks │ │ |
16 |
│ │ [ ] XFRM (IPSec) Networking Security Hooks │ │ |
17 |
│ │ [ ] Security hooks for pathname based access control │ │ |
18 |
│ │ [ ] Enable Intel(R) Trusted Execution Technology (Intel(R) TXT) │ │ |
19 |
│ │ [ ] NSA SELinux Support │ │ |
20 |
│ │ [ ] Simplified Mandatory Access Control Kernel Support │ │ |
21 |
│ │ [ ] TOMOYO Linux Support │ │ |
22 |
│ │ [ ] AppArmor support (NEW) │ │ |
23 |
│ │ [ ] Integrity Measurement Architecture(IMA) │ │ |
24 |
│ │ Default security module (Unix Discretionary Access Controls) │ │ |
25 |
│ │ │ │ |
26 |
│ │ │ │ |
27 |
│ │ │ │ |
28 |
│ └─────────────────────────────────────────────────────────────────────┘ │ |
29 |
├─────────────────────────────────────────────────────────────────────────┤ |
30 |
│ <Select> < Exit > < Help > │ |
31 |
└─────────────────────────────────────────────────────────────────────────┘ |
32 |
|
33 |
|
34 |
On Wed, Dec 08, 2010 at 11:37:28PM -0500, Anthony G. Basile wrote: |
35 |
> Hi everyone, |
36 |
> |
37 |
> I need to fast track stabilize hardened-sources-2.6.32-r30 and |
38 |
> hardened-sources-2.6.36-r5 because of a local root exploit on all |
39 |
> earlier kernels. The ebuilds just hit the tree. |
40 |
> |
41 |
> Can I get feedback on how those kernels fair on x86 and amd64 arches? I |
42 |
> don't want to introduce new bugs that can be avoided. I hope to mark |
43 |
> them stable in about one week. |
44 |
> |
45 |
> Thanks. |
46 |
> |
47 |
> -- |
48 |
> Anthony G. Basile, Ph.D. |
49 |
> Gentoo Developer |