From: | "Toralf Förster" <toralf@g.o> | ||
---|---|---|---|
To: | gentoo-project@l.g.o | ||
Subject: | Re: [gentoo-project] The status of grsecurity upstream and hardened-sources downstream | ||
Date: | Fri, 23 Jun 2017 17:49:23 | ||
Message-Id: | 831a1b68-1083-ba04-faff-77267b7b06a1@gentoo.org | ||
In Reply to: | [gentoo-project] The status of grsecurity upstream and hardened-sources downstream by "Anthony G. Basile" |
1 | On 06/23/2017 06:28 PM, Anthony G. Basile wrote: |
2 | > I don't recommend we remove any of the machinery from Gentoo that deals with PaX |
3 | > markings. |
4 | |
5 | I'm still using the hardened profile both at my desktop and my server - |
6 | now together with latest stable vanilla-kernel by directly following the |
7 | stable kernel git |
8 | (echo "sys-kernel/vanilla-sources-4.10.13" >> |
9 | /etc/portage/profile/package.provided). |
10 | I realized (at the tinderbox images as well), that PAX-marking error |
11 | messages do occur, when I didn't add '-paxkernel' to my USE flags. |
12 | |
13 | I do wonder, if the PAX marking logic could detect a running |
14 | non-hardened kernel and therefore silently skip the step ? |
15 | |
16 | -- |
17 | Toralf |
18 | PGP 23217DA7 9B888F45 |
File name | MIME type |
---|---|
signature.asc | application/pgp-signature |
Subject | Author |
---|---|
Re: [gentoo-project] The status of grsecurity upstream and hardened-sources downstream | Mike Gilbert <floppym@g.o> |
Re: [gentoo-project] The status of grsecurity upstream and hardened-sources downstream | Michael Orlitzky <mjo@g.o> |