[grsec] grsec + xen or openvz

[Rik Bobbaers]

heya,

i put an md5sums file online so you can check if that one is correct.
and indeed, on http://people.linux-vserver.org/~harry you find all sorts 
of patches, some docs, some scripts, ...

if you run into any problems, join us on #vserver on oftc or just mail ;)

have fun with it (ps. i'm running 2.6.19.7-vs2.2.0-grsec2.1.10 without 
problems at the moment. but please read the readme file before enabling 
chroot restrictions)

greetings,

ps. i allways had problems with "signing" or "md5summing" patches, 
because that doesn't REALLY enhance security... you still can never be 
completely sure...

Sandino Araico Sánchez wrote:

> Linux-vserver is not virtualization but openVZ is neither. They are both 
> based on kernel-based process isolation.
> I have never tried to patch openVZ kernels with grsec but patching 
> vanilla kernels with grsec and linux-vserver is easy.
> Here's the grsec + vserver patch announced in the linux-vserver site:
> http://people.linux-vserver.org/~harry/patch-2.6.19.7-vs2.2.0-grsec2.1.10-20070402.diff
> It's not signed I don't know why. Perhaps harry is not interested in 
> signing his patches....
-- 
harry
aka Rik Bobbaers

K.U.Leuven - LUDIT          -=- Tel: +32 485 52 71 50
Rik.Bobbaers at cc.kuleuven.be -=- http://people.linux-vserver.org/~harry

Nobody notices when things go right.

Disclaimer: http://www.kuleuven.be/cwis/email_disclaimer.htm