[Dev] Drop linux-libre-grsec in favor of linux-libre-hardened

jc_gargma jc_gargma at iserlohn-fortress.net
Thu May 18 16:09:56 GMT 2017

> what are the significant differences between grsec and hardened?
Most grsecurity features will not be available, notably RAP, hide symbols, 
hide proc, hide sys, and module hardening. Perhaps one day they will.
A list of their upstreaming progress can be found here:

Otherwise the changes are largely flipping kernel switches, such as enabling 
SELinux by default.

So far hardened appears to be the primary project to continue provisioning 
public grsecurity-esque benefits.

> And that's the version of linux-libre-grsec which was wrongly marked
> out-of-date, because we do not support this kind of software.
My understanding of GPLv2 is that if the sole copyright holder re-licenses 
their software, this is not retroactive to previously distributed releases nor 
outwardly applicable to forks.
Furthermore, as grsecurity did not re-license the test patches, it merely 
stopped offering them, the scenario is no different than had grsecurity simply 
shut down.
Under this scenario, the out-of-date notice remains correct.

Whether using a no longer maintained kernel release is a good idea is another 
matter entirely.

>Flagged out-of-date on 2017-04-21
This was 4 days before grsecurity ceased providing public test patches.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.parabola.nu/pipermail/dev/attachments/20170518/f1154bb2/attachment.sig>

More information about the Dev mailing list