After re-reading the official announcement, rather than the one I saw on
a tech news website, it appears only hardened-sources are being pulled
rather than the whole project. That is good news. For a moment I thought
all the PaX files were being removed, which would be a major blow to
security for those who need it.
Per announcement:
Also, all PaX related packages, except
sys-kernel/hardened-sources, will remain available for the time being.
https://www.gentoo.org/support/news-items/2017-08-19-hardened-sources-removal.html
I guess I can live with an overlay for now, although
unofficial-hardened-sources would make a nice addition to the entire
project, they are very stable for me. Thank you again and keep up the
good work.
On 2017-08-23 10:10, b...@cadamail.com wrote:
Hello Everyone,
I just heard that gentoo-hardened will be scrapped by end-of-month.
Well, I have some good news - it doesn't have to be. A project has
risen up to continue supporting the patch on future kernels and I have
been running it successfully for over a month with the stock hardened
profile.
You can download the patches here, they are also GPG signed:
https://github.com/minipli/linux-unofficial_grsec/releases
So-called "linux-hardened project (KSPP)" and "SELinux" do not even
slightly compare at their current stage of development in terms of
kernel hardening and PaX protection. In the mid-term, I would
recommend using these forward patches for hardened-LTS 4.9.x and hope
Gentoo-hardened will continue for awhile longer while we wait for
further improvements.
Thank you for your time and concern.