On 2017-08-19 13:01, Francisco Blas Izquierdo Riera (klondike) wrote: > El 19/08/17 a las 12:37, Aaron W. Swenson escribió: > > On 2017-08-15 17:01, Francisco Blas Izquierdo Riera (klondike) wrote: > >> Hi! > >> > >> I'd like to get this one up by Saturday so that we can proceed with > >> masking and removing of the hardened-sources after upstream stopped > >> releasing new patches. > > I hope I’m not too late. > > > >> We'd like to note that all the userspace hardening and MAC support > >> for SELinux provided by Gentoo Hardened will still remain there and > >> is unaffected by this removal. > > Where is there? I think you’re talking about the packages, but the news > > item is about the kernels. It would help to be more specific here. > > > > That’s all I had that the others hadn’t touched on. > > Do you think something like that is better then? > > We'd like to note that all the userspace hardening and MAC support > for SELinux provided by Gentoo Hardened will still remain available > on the portage. Keep in mind though that the security provided by > these features will be weakened a bit when using > sys-kernel/gentoo-sources. Also, all PaX related packages other than > the hardened-sources will remain available for the time being. > >
Much better. We should mention that we’re specifically discussing packages and not portage itself. At least, that’s my understanding from your edit. Here’s my take on it: We'd like to note that all the userspace hardening and MAC support for SELinux provided by Gentoo Hardened will still remain in the packages found in portage. Keep in mind, though, that the security provided by these features will be weakened a bit when using sys-kernel/gentoo-sources. Also, all PaX related packages, except sys-kernel/hardened-sources, will remain available for the time being.
signature.asc
Description: Digital signature
