[grsec] grsecurity 2.1.11 released for Linux 2.4.36.2/2.6.24.4

tibor.tolgyesi at partners.vodafone.hu tibor.tolgyesi at partners.vodafone.hu
Wed Apr 16 03:36:21 EDT 2008


Hi guys,

This might be a little off-topic. I don't know much about the history of grsec and pax, but if these patches are really good things, then why not merge them in the official kernel source?

What is against this?

Regards,
Tibor Tölgyesi

-----Original Message-----
From: Carlos Carvalho [mailto:carlos at fisica.ufpr.br] 
Sent: Wednesday, April 16, 2008 4:55 AM
To: grsecurity at grsecurity.net
Subject: Re: [grsec] grsecurity 2.1.11 released for Linux 2.4.36.2/2.6.24.4

Brad Spengler (spender at grsecurity.net) wrote on 14 April 2008 21:07:
 >It is not clear if the PaX Team will be able to continue supporting 
 >future versions of the 2.6 kernels, given their rapid rate of release 
 >and the incredible amount of work that goes into porting such a 
 >low-level enhancement to the kernel (especially now in view of the 
 >reworking of the i386/x86-64 trees). It may be necessary that grsecurity 
 >instead track the Ubuntu LTS kernel so that users can have a stable 
 >kernel with up-to-date security fixes. I will update this page when a 
 >final decision has been reached.

This would be very inconvenient for those who don't run ubuntu, and
worse for those that compile their own kernels...

There are some releases that are meant to be stable and include fixes
(not only security ones), such as the one taken care of by Adrian
Bunk. I suggest you track one of these instead of a distribution's.
It'd have to be a release that has the unification of the i386/x86-64
trees though.
_______________________________________________
grsecurity mailing list
grsecurity at grsecurity.net
http://grsecurity.net/cgi-bin/mailman/listinfo/grsecurity



More information about the grsecurity mailing list