I requested a quote from GRsecurity and they told me that although they
are looking at providing a package for personal customers they don't
have one at the moment. They recommended minipli as the next best thing...
What about the grsecurity-source overlay?
On 29/03/18 11:47, Guillaume Ceccarelli wrote:
Hi all,
I’ve been a grsecurity customer for a little over two years now, and
my use of it is as a small business, on Gentoo server installations.
While I can’t disclose the amount of money I’m paying publicly because
every deal is customized, I would encourage you to get in touch using
the contact form on grsecurity.net <http://grsecurity.net/> and ask
for a quote if you haven’t already.
You might just end up with an arrangement you can afford, and grsec is
still certainly worth having today. Not only for the feature set, but
also for the constant looking over the mainline Linux kernel code,
including fixing and backporting more fixes than the regular kernel
stable releases, and for knowledge / emails giving context to
important kernel vulnerabilities when they occur.
Best,
– Guillaume Ceccarelli
On 28 Mar 2018, at 20:22, R0b0t1 <r03...@gmail.com
<mailto:r03...@gmail.com>> wrote:
On Wed, Mar 28, 2018 at 12:40 PM, Alex Efros <power...@powerman.name
<mailto:power...@powerman.name>> wrote:
Hi!
On Wed, Mar 28, 2018 at 06:06:00PM +0100, Robert Sharp wrote:
Does anyone know of a good, post GRSecurity guide to reasonable
security
for the kernel? In the absence of anything else I will have to go back
to the KSPP list and start removing stuff until I can get a stable
kernel.
I'm using https://github.com/minipli/linux-unofficial_grsec, but it
lacks
Spectre and Meltdown mitigation at the moment (see issues). Still, I
believe it's the best we can have now (better is probably paid
GrSec, but
AFAIK it's impossible or too costly to buy it for home or small
business).
Previous contributors have access to the code, but it doesn't seem
like there is any way to go that route anymore.