[gentoo-hardened] HardenedBSD kernel (OT?)

[gentoo-hardened] HardenedBSD kernel (OT?)

[wabe]

Is the kernel of HardenedBSD also concerned by the decision of 
grsecurity folks? If not, is it possible to use this kernel with
gentoo (Gentoo/FreeBSD)?

--
Regards
wabe

Re: [gentoo-hardened] HardenedBSD kernel (OT?)

[Daniel Cegiełka]

2017-05-02 18:55 GMT+02:00 wabe <wabenbau@gmail.com>:
> Is the kernel of HardenedBSD also concerned by the decision of
> grsecurity folks?


No. NetBSD and FreeBSD have their own MPROTECT/ASLR/Segvguard implementation.

https://hardenedbsd.org/content/projects

> If not, is it possible to use this kernel with
> gentoo (Gentoo/FreeBSD)?

I did not use, but don't see a problem.

Re: [gentoo-hardened] HardenedBSD kernel (OT?)

[bryn1u85 .]

[-- Attachment #1: Type: text/plain, Size: 442 bytes --]

Test. Im using hardenedbsd and work great !! Have almost all options which
grsec has. And fully based on BSD lincense which is great ! Still
developing and still news features .

02.05.2017 6:57 PM "wabe" <wabenbau@gmail.com> napisał(a):

> Is the kernel of HardenedBSD also concerned by the decision of
> grsecurity folks? If not, is it possible to use this kernel with
> gentoo (Gentoo/FreeBSD)?
>
> --
> Regards
> wabe
>
>

[-- Attachment #2: Type: text/html, Size: 731 bytes --]

Re: [gentoo-hardened] HardenedBSD kernel (OT?)

[bryn1u85 .]

[-- Attachment #1: Type: text/plain, Size: 660 bytes --]

If i good remamber aslr in hbsd has more bits then grsec.
Featuers of hbsd:
http://hardenedbsd.org/content/easy-feature-comparison

2017-05-02 19:16 GMT+02:00 bryn1u85 . <m.bryn1u@gmail.com>:

> Test. Im using hardenedbsd and work great !! Have almost all options which
> grsec has. And fully based on BSD lincense which is great ! Still
> developing and still news features .
>
> 02.05.2017 6:57 PM "wabe" <wabenbau@gmail.com> napisał(a):
>
>> Is the kernel of HardenedBSD also concerned by the decision of
>> grsecurity folks? If not, is it possible to use this kernel with
>> gentoo (Gentoo/FreeBSD)?
>>
>> --
>> Regards
>> wabe
>>
>>

[-- Attachment #2: Type: text/html, Size: 1374 bytes --]

Re: [gentoo-hardened] HardenedBSD kernel (OT?)

[Javier Juan Martinez Cabezon]

Hi, at first sight hardenedbsd MAC is based on BIBA integrity model, is
not RBAC, is a MAC system as Bell-LaPadula MAC alike but not focused on
confidentiality but integrity instead (basically the same three rules
but inverted). RBAC is too much powerful than MAC and very much flexible





On 02/05/17 19:16, bryn1u85 . wrote:
> Test. Im using hardenedbsd and work great !! Have almost all options
> which grsec has. And fully based on BSD lincense which is great ! Still
> developing and still news features .
> 
> 02.05.2017 6:57 PM "wabe" <wabenbau@gmail.com
> <mailto:wabenbau@gmail.com>> napisał(a):
> 
>     Is the kernel of HardenedBSD also concerned by the decision of
>     grsecurity folks? If not, is it possible to use this kernel with
>     gentoo (Gentoo/FreeBSD)?
> 
>     --
>     Regards
>     wabe
> 

Re: [gentoo-hardened] HardenedBSD kernel (OT?)

[SK]

HardenedBSD really needs developers, i saw lattera wanted to implement
RBAC for hardenedBSD : https://github.com/HardenedBSD/HardenedBSD/issues/235

On 05/02/2017 08:06 PM, Javier Juan Martinez Cabezon wrote:
> Hi, at first sight hardenedbsd MAC is based on BIBA integrity model, is
> not RBAC, is a MAC system as Bell-LaPadula MAC alike but not focused on
> confidentiality but integrity instead (basically the same three rules
> but inverted). RBAC is too much powerful than MAC and very much flexible
>
>
>
>
>
> On 02/05/17 19:16, bryn1u85 . wrote:
>> Test. Im using hardenedbsd and work great !! Have almost all options
>> which grsec has. And fully based on BSD lincense which is great ! Still
>> developing and still news features .
>>
>> 02.05.2017 6:57 PM "wabe" <wabenbau@gmail.com
>> <mailto:wabenbau@gmail.com>> napisał(a):
>>
>>     Is the kernel of HardenedBSD also concerned by the decision of
>>     grsecurity folks? If not, is it possible to use this kernel with
>>     gentoo (Gentoo/FreeBSD)?
>>
>>     --
>>     Regards
>>     wabe
>>
>