On Friday, June 3, 2016 at 2:39:49 AM UTC-4, [email protected] wrote:
> Hello I was wondering if Qubes might ever add Gresecurity in the future?I 
> think adding it would be great since you'll have a hardened kernel

It has been discussed before.  Alot of it is privilege escalation protections 
which would be meaningless in qubes.  Some of it would be nice.  Some people in 
the mailing list have claimed to got a grsec kernel working if you search it,  
but it might be more trouble then its actually worth.

I kind of believe in the philosophy that nothing is 100%,  there is no such 
thing as completely stopping attacks, if attacker is persistent enough and you 
continue to use the services you use a computer to enjoy,  you will be 
compromised eventually.  There will always be bugs till the end of the time and 
the best thing to do is just mitigate the damage.  For example in qubes the 
sys-net is assumed untrustworthy but it does its best to separate its exposure 
from rest of the system.

Not sure if you know this, but Brad Spengler, the developer of grsecurity,  
doesn't even use his own kernels.  He prefers to use windows.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/f5d32976-bff9-4934-a039-8f8fb95cbeb8%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to