Hi zimbatm,
> On Aug 1, 2016, at 12:57 PM, zimbatm <[email protected]> wrote: > > Yeah the wiki is definitely outdated, it's been in read-only mode for a while > now. Ah, that’s good to know, thanks. In that case, would you recommend I just use the config options detailed in the grsecurity module for configuration? Is that module “ready to go”? > If you like security check out also > https://github.com/NixOS/nixpkgs/pull/12895 > <https://github.com/NixOS/nixpkgs/pull/12895> I did see that issue on GitHub, yeah. I’ve been trying to work out if I can use it (and also how!). Would it be as simple as checking out that branch of nixpkgs in my local repo and hitting nixos-rebuild switch? That sounds far too easy... Thanks! Matt > Cheers, > z > > On Mon, 1 Aug 2016 at 20:51 Matthew Robbetts <[email protected] > <mailto:[email protected]>> wrote: > Hi Nixers, > > I’m interested in setting up grsecurity/PaX protections on my nix machine. My > googling led me quickly to: > https://nixos.org/wiki/Hardened_NixOS <https://nixos.org/wiki/Hardened_NixOS> > > which makes perfect sense. I’m coming from Gentoo anyway, and the Hardened > project there is familiar to me. The instructions there (basically add kernel > options) have also worked just fine (at least, they have affected the outcome > from running paxtest). > > However, I then noticed the existence of > nixos/modules/security/grsecurity.nix, which appears to me to automate some > of this, but is not mentioned at all on the wiki. Is this module the > preferred way to enable grsecurity, and the wiki just needs updating? > > > Ta, > Matt > _______________________________________________ > nix-dev mailing list > [email protected] <mailto:[email protected]> > http://lists.science.uu.nl/mailman/listinfo/nix-dev > <http://lists.science.uu.nl/mailman/listinfo/nix-dev>
_______________________________________________ nix-dev mailing list [email protected] http://lists.science.uu.nl/mailman/listinfo/nix-dev
