Holly Bostick <[EMAIL PROTECTED]> wrote: > Michael Haan schreef: > > I *think* I know what they are, what risk do I run by using them? > > ... > The kernel doesn't get any more risk-free than vanilla-sources, because > if those sources are broken then Linux is broken.
Uh oh, in that case we all are in trouble! :) I grab my sources directly from kernel.org and then apply the patch from grsecurity.org. Then I can choose what security features to enable, and it's a little adventure. What I used to do (when I was running Slackware rather than Gentoo) is grab kernel.org sources and then apply the patch from openwall.com, and there also I could choose security features, though there was less adventure. :) There's a lot of room for doing things differently from the kernel sources that happen to be in portage. Generally speaking, if you are concerned about security you would want to use Linux 2.4 (or perhaps even 2.2 or 2.0) instead of Linux 2.6, but with Gentoo AMD64 only 2.6 is supported, so you work with what you've got. -- [EMAIL PROTECTED] http://www.chemoelectric.org
pgpguefynHIR3.pgp
Description: PGP signature
