[grsec] Separate security backports/fixes from main grsec and PaX patches?
Yves-Alexis Perez
corsac at debian.org
Wed May 11 03:50:36 EDT 2011
Hey,
do you think it'd be possible to publish splitted grsecurity patches,
with the security backports/fixes in a standalone patch (and maybe
grsecurity an PaX splitted too)?
I'm asking this because I'm trying to make Debian kernels with
grsecurity patch and the security patches are usually already included
by the kernel team, meaning I have to remove them manually from the
grsecurity patch, and it's always painful to manage that kind of thing
(especially porting existing work from one kernel to another or one
patch to another).
As the Debian kernel team currently doesn't use git but svn and as the
grsecurity patch is, well, a patch, I'm mostly doing this manually,
patching and finding rejects, then fixing them. It'd be easier for me
(and maybe some other people running non vanilla kernel) to have that
splitted. Not sure how much work that means on your side so it might be
an unpractical idea, but in case...
Regards, and thanks for your work.
--
Yves-Alexis
More information about the grsecurity
mailing list