El 19/08/17 a las 13:18, Aaron W. Swenson escribió: > On 2017-08-19 13:01, Francisco Blas Izquierdo Riera (klondike) wrote: >> El 19/08/17 a las 12:37, Aaron W. Swenson escribió: >>> On 2017-08-15 17:01, Francisco Blas Izquierdo Riera (klondike) wrote: >>>> Hi! >>>> >>>> I'd like to get this one up by Saturday so that we can proceed with >>>> masking and removing of the hardened-sources after upstream stopped >>>> releasing new patches. >>> I hope I’m not too late. >>> >>>> We'd like to note that all the userspace hardening and MAC support >>>> for SELinux provided by Gentoo Hardened will still remain there and >>>> is unaffected by this removal. >>> Where is there? I think you’re talking about the packages, but the news >>> item is about the kernels. It would help to be more specific here. >>> >>> That’s all I had that the others hadn’t touched on. >> Do you think something like that is better then? >> >> We'd like to note that all the userspace hardening and MAC support >> for SELinux provided by Gentoo Hardened will still remain available >> on the portage. Keep in mind though that the security provided by >> these features will be weakened a bit when using >> sys-kernel/gentoo-sources. Also, all PaX related packages other than >> the hardened-sources will remain available for the time being. >> >> > Much better. We should mention that we’re specifically discussing > packages and not portage itself. At least, that’s my understanding from > your edit. > > Here’s my take on it: > > We'd like to note that all the userspace hardening and MAC support for > SELinux provided by Gentoo Hardened will still remain in the packages > found in portage. Keep in mind, though, that the security provided by > these features will be weakened a bit when using > sys-kernel/gentoo-sources. Also, all PaX related packages, except > sys-kernel/hardened-sources, will remain available for the time being.
I updated the news item with your propossal. Thanks a lot :)
signature.asc
Description: OpenPGP digital signature
