El 16/08/17 a las 15:36, Robert Sharp escribió: > On 16/08/17 11:09, Francisco Blas Izquierdo Riera (klondike) wrote: >> El 16/08/17 a las 09:40, Marek Szuba escribió: >>> Two tiny bits of formal nitpicking from my side: >>> - it's "grsecurity" (not a typo, they do use a lowercase g except when >>> the name appears at the beginning of a sentence), not "grsec"; >>> - the patches were not *distributed by* grsecurity, they *are* >>> grsecurity. The vendor's name is Open Source Security, Inc. >> Nowadays it is, but this hasn't always been the case. You'll notice the >> presence of a /dev/grsec and you'll also find grsec referenced accross >> some old patches. Anyways I changed it. >> >> The same applies to Open Source Security, Inc. the company was founded >> on 2008 but grsecurity has been around for much longer. That's why I >> prefer to refer to Brad Spengler and The PaX team here as they are still >> the real upstream behind Open Source Security, Inc. >> >> > Would anyone like to outline a simple process to migrate from > hardened-sources + hardened tool-chain to gentoo-sources? > Unless you want to drop userspace hardening (which most likely you don't as it is still useful on vanilla kernels) a simple copy of the .config file to gentoo sources followed by make oldconfig will work in the vast majority of cases.
> Presumably if I just drag my config file across it will cause all > sorts of problems? > Nah, not really, as long as you do oldconfig you should be fine. Most of the config changes were compatimentalized under the grsecurity section. > Do I need to work backwards through the hardening guide, for example? > Definitively not :)
signature.asc
Description: OpenPGP digital signature
