[Dev] Drop linux-libre-grsec in favor of linux-libre-hardened
jc_gargma
jc_gargma at iserlohn-fortress.net
Thu May 18 16:09:56 GMT 2017
> what are the significant differences between grsec and hardened?
Most grsecurity features will not be available, notably RAP, hide symbols,
hide proc, hide sys, and module hardening. Perhaps one day they will.
A list of their upstreaming progress can be found here:
https://github.com/thestinger/linux-hardened/wiki#upstream-progress-tracking
Otherwise the changes are largely flipping kernel switches, such as enabling
SELinux by default.
So far hardened appears to be the primary project to continue provisioning
public grsecurity-esque benefits.
> And that's the version of linux-libre-grsec which was wrongly marked
> out-of-date, because we do not support this kind of software.
My understanding of GPLv2 is that if the sole copyright holder re-licenses
their software, this is not retroactive to previously distributed releases nor
outwardly applicable to forks.
Furthermore, as grsecurity did not re-license the test patches, it merely
stopped offering them, the scenario is no different than had grsecurity simply
shut down.
Under this scenario, the out-of-date notice remains correct.
Whether using a no longer maintained kernel release is a good idea is another
matter entirely.
Btw,
>Flagged out-of-date on 2017-04-21
This was 4 days before grsecurity ceased providing public test patches.
-jc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.parabola.nu/pipermail/dev/attachments/20170518/f1154bb2/attachment.sig>
More information about the Dev
mailing list