On Mon, 2005-12-05 at 12:04 +0100, Max Lorenz wrote: > Hi all. > > On a server I'd normally only update for security and bug fixes or new > stuff I'm interested in and until now I pretty much skipped toolchain > updates. But in the light of the recent binutils, gcc, etc. updates > and as the toolchain contains much of the hardened logic (pie, ssp) my > question is: should I always update to the latest (stable) toolchain > packages, especially from a security POV? I'm running grsecurity and > PaX w/o RBAC if that matters.
I don't think the toolchain (3.3.x vs 3.4.x) matter from a sec POV. > Another question. How long will 2.4 kernels be supported by the > Hardened project? Because IIRC grsecurity and RSBAC still recommend > the usage of 2.4 kernels as default. hardened-sources-2.4.32 was marked stable yesterday. It will be supported till such time as it can't be or all existing developers have lost interest. I can't really see that happening anytime soon, but the pace is for sure slowing down. -- Ned Ludd <[EMAIL PROTECTED]> Gentoo Linux -- [email protected] mailing list
