Archives
Archives
| From: | Michael Orlitzky <mjo@g.o> | ||
|---|---|---|---|
| To: | gentoo-project@l.g.o | ||
| Subject: | Re: [gentoo-project] The status of grsecurity upstream and hardened-sources downstream | ||
| Date: | Fri, 23 Jun 2017 18:48:08 | ||
| Message-Id: | ff99db04-f761-0ea7-5b8c-22d47a9a325f@gentoo.org | ||
| In Reply to: | Re: [gentoo-project] The status of grsecurity upstream and hardened-sources downstream by "Toralf Förster" |
||
| 1 | On 06/23/2017 01:49 PM, Toralf Förster wrote: |
| 2 | > |
| 3 | > I do wonder, if the PAX marking logic could detect a running |
| 4 | > non-hardened kernel and therefore silently skip the step ? |
| 5 | > |
| 6 | |
| 7 | If it did that, you'd have to "emerge -e @world" every time you booted |
| 8 | into a hardened kernel after running a vanilla one. To add to the |
| 9 | trouble, that "emerge" would probably fail due to things being killed by |
| 10 | PaX. |