Hi, On Mon, 1 May 2017 12:24:14 +0200 Daniel Cegiełka wrote: [...] > Summing up: > > * PaX is the most important part of Gentoo Hardened project > (Grsecurity, SELinux, RSBAC) > > * We can't use the 'grsecurity' name, which means that fork of > grsecurity == rewriting everything with 'grsecurity' (or 'grsec') > name... (~225k LOC grsec+PaX) > > * PaX (~176k LOC) is available as a separate patch (1), so we can use > it without the risk of 'grsecurity' trademark > > My opinion is: we should continue to use PaX patch and keep the Gentoo > Hardened project alive. > > (1) https://www.grsecurity.net/~paxguy1/
Are you sure PaX patches will be updated? Because PaXTeam claims they will not be published [1]: "As this is a joint decision, there will be no public PaX patches for future kernels. This is effective April 26th 2017." Or do you suggest to support PaX with our own resources? [1] https://grsecurity.net/passing_the_baton_faq.php Best regards, Andrew Savchenko
pgpIgt51W1Eow.pgp
Description: PGP signature
