On Friday, June 17, 2016 at 11:55:40 AM UTC-4, Sandy Harris wrote:
> Lorenzo Lamas <[email protected]> wrote:
> >
> > On Wednesday, June 15, 2016 at 6:31:23 AM UTC+2, Sandy Harris wrote:
> >>
> >> It may not be necessary. There is a kernel hardening project
> >> which is bringing some of the grsecurity & PaX stuff into the
> >> mainline kernel.
> >> http://kernsec.org/wiki/index.php/Kernel_Self_Protection_Project
> >
> >
> > May not be objective coming from the grsecurity dev, but the kernel
> > hardening project should be taken with some salt:
> > https://forums.grsecurity.net/viewtopic.php?f=7&t=4476
> 
> In security work, more-or-less everything should be taken with
> salt, but you make a good point.
> 
> The main argument on the other side, as I understand it (salt
> needed here too), is that kernel developers want bite-size
> patches,incremental stuff that changes one thing at a time
> and can be tested independently. grsecurity does not provide
> those, so it is unlikely to ever be incorporated into the
> mainline kernel.
> 
> The hardening project mostly takes good ideas from grsecurity
> and other sources and massages them into a form that is
> likely to produce patches that mainline kernel developers
> will accept.

hi what do you mean by takened with salt?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/e4189423-5e4b-4c85-a3fc-375f10bec2a2%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to