* Re: [gentoo-project] The status of grsecurity upstream and hardened-sources downstream
@ 2017-06-23 17:49 99% ` Toralf Förster
0 siblings, 0 replies; 1+ results
From: Toralf Förster @ 2017-06-23 17:49 UTC (permalink / raw
To: gentoo-project
[-- Attachment #1.1: Type: text/plain, Size: 708 bytes --]
On 06/23/2017 06:28 PM, Anthony G. Basile wrote:
> I don't recommend we remove any of the machinery from Gentoo that deals with PaX
> markings.
I'm still using the hardened profile both at my desktop and my server -
now together with latest stable vanilla-kernel by directly following the
stable kernel git
(echo "sys-kernel/vanilla-sources-4.10.13" >>
/etc/portage/profile/package.provided).
I realized (at the tinderbox images as well), that PAX-marking error
messages do occur, when I didn't add '-paxkernel' to my USE flags.
I do wonder, if the PAX marking logic could detect a running
non-hardened kernel and therefore silently skip the step ?
--
Toralf
PGP 23217DA7 9B888F45
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 488 bytes --]
^ permalink raw reply [relevance 99%]
Results 1-1 of 1 | reverse | options above
-- pct% links below jump to the message on this page, permalinks otherwise --
2017-06-23 16:28 [gentoo-project] The status of grsecurity upstream and hardened-sources downstream Anthony G. Basile
2017-06-23 17:49 99% ` Toralf Förster
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox