On 19/04/2014 01:21, Connor Behan wrote: > On 18/04/14 04:09 AM, S?bastien Luttringer wrote: >> On 16/04/2014 06:09, Daniel Micay wrote: >>> I don't think it makes sense to bother with the >>> nvidia module because it would be a bit silly to mix it with grsecurity. >>> >> Why user with nvidia cards should be deprived of grsec security enhancement? > Because the use of closed-source kernel modules is inherently insecure > anyway. > We use closed-source components on our computer everyday (BIOS, firmwares) because we trust hardware provider like Nvidia. I wouldn't says that people who have Nvidia cards and run Nvidia drivers are in an "inherently insecure" situation.
There are features in grsec which can be useful even with an Nvidia module (hide others users process, restricted ipc, etc). -- Sébastien "Seblu" Luttringer https://seblu.net | Twitter: @seblu42 GPG: 0x2072D77A
signature.asc
Description: OpenPGP digital signature
