Have we thought about paying spender to give us patches? We could agree to a license that requires it to be on Gentoo....just a thought
On Aug 23, 2017 11:20 AM, <b...@cadamail.com> wrote: > After re-reading the official announcement, rather than the one I saw on a > tech news website, it appears only hardened-sources are being pulled rather > than the whole project. That is good news. For a moment I thought all the > PaX files were being removed, which would be a major blow to security for > those who need it. > > Per announcement: > >> Also, all PaX related packages, except >> > sys-kernel/hardened-sources, will remain available for the time being. > https://www.gentoo.org/support/news-items/2017-08-19-hardene > d-sources-removal.html > > I guess I can live with an overlay for now, although > unofficial-hardened-sources would make a nice addition to the entire > project, they are very stable for me. Thank you again and keep up the good > work. > > On 2017-08-23 10:10, b...@cadamail.com wrote: > >> Hello Everyone, >> I just heard that gentoo-hardened will be scrapped by end-of-month. >> Well, I have some good news - it doesn't have to be. A project has >> risen up to continue supporting the patch on future kernels and I have >> been running it successfully for over a month with the stock hardened >> profile. >> >> You can download the patches here, they are also GPG signed: >> https://github.com/minipli/linux-unofficial_grsec/releases >> >> So-called "linux-hardened project (KSPP)" and "SELinux" do not even >> slightly compare at their current stage of development in terms of >> kernel hardening and PaX protection. In the mid-term, I would >> recommend using these forward patches for hardened-LTS 4.9.x and hope >> Gentoo-hardened will continue for awhile longer while we wait for >> further improvements. >> >> Thank you for your time and concern. >> > >
