On Thu, Sep 22, 2011 at 3:20 PM, Michael Mol <mike...@gmail.com> wrote: > I'll assume for the moment that the hardened-sources patch set > discussed includes security improvements. > > My question is...what kinds? For what reason is there a set of "makes > it more secure" patches that aren't integrated into the mainline > kernel? Are they just not stable in some fashion? Do they exclude some > kernel functionality? Do they impact performance? > > What exactly is this patch set, and why is it separate?
I think it's essentially gentoo-sources with the grsecurity patchset on top. Check out the Gentoo Hardened website for better info about the Hardened project: http://www.gentoo.org/proj/en/hardened/