Hi, I don't have much to add, but I'd like to clear two misunderstandings here:
On Mon, 8 May 2017 20:08:07 +0200 Miroslav Rovis <miro.ro...@croatiafidelis.hr> wrote: > And really since late in 2016 no more entries in the Changelog. Pls. > note that I'm only stating the facts, not complaining. AFAIK the Changelogs aren't updated anymore (in the whole gentoo tree). > > * NSA SELinux instead PAX MPROTECT? > I hope this is a joke. It looks like one, at first sight, but there > are half a dozen "NSA SELinux" instances to be found in the latest > hardened-sources. > > # grep 'NSA SE' /usr/src/linux/security/selinux/Kconfig > bool "NSA SELinux Support" > ... > # > (where linux is a hardened-sources installation) > > If hardened would be down to SELinux, I wouldn't be hardening any > more. SELinux isn't a patch applied by hardened-sources, it's a subsystem of the mainline kernel. grsec was really the only significant difference between hardened-sources and gentoo-sources. Regards, Luis
pgpY_BOer2s_t.pgp
Description: OpenPGP digital signature
