On Tue, Jan 18, 2011 at 06:32:50PM +0100, Yves-Alexis Perez wrote: > I've started working on 2.6.37 since Brad Sprengler recently released > the grsecurity patch for that kernel.
Is there VCS or is this just a code drop without information about changes? I was not even able to find older patches. Who does code reviews without that information? The patch includes several modifications to selinux and random other parts. Why are they not merged? Please show that they have been submitted at least. > Initial packaging for linux-grsec-base is at > http://git.debian.org/?p=collab-maint/linux-grsec-base.git;a=summary if > needed. Why is this not part of the patch below? Currently the patch only includes informations for i386 and amd64. Please state your intentions about other architectures. > + [ Yves-Alexis Perez ] > + * Add a grsecurity featureset. *nitpick* the patch calls it "Grsecurity". > Index: debian/config/featureset-grsec/config > =================================================================== > --- debian/config/featureset-grsec/config (revision 0) > +++ debian/config/featureset-grsec/config (revision 0) > @@ -0,0 +1,152 @@ > +CONFIG_DEBUG_STRICT_USER_COPY_CHECKS=y Please show why this should not be enabled globaly. > +CONFIG_DEBUG_RODATA=y x86 specific and default on. Bastian -- It would be illogical to kill without reason. -- Spock, "Journey to Babel", stardate 3842.4 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
