On Friday, June 17, 2016 at 11:55:40 AM UTC-4, Sandy Harris wrote: > Lorenzo Lamas <[email protected]> wrote: > > > > On Wednesday, June 15, 2016 at 6:31:23 AM UTC+2, Sandy Harris wrote: > >> > >> It may not be necessary. There is a kernel hardening project > >> which is bringing some of the grsecurity & PaX stuff into the > >> mainline kernel. > >> http://kernsec.org/wiki/index.php/Kernel_Self_Protection_Project > > > > > > May not be objective coming from the grsecurity dev, but the kernel > > hardening project should be taken with some salt: > > https://forums.grsecurity.net/viewtopic.php?f=7&t=4476 > > In security work, more-or-less everything should be taken with > salt, but you make a good point. > > The main argument on the other side, as I understand it (salt > needed here too), is that kernel developers want bite-size > patches,incremental stuff that changes one thing at a time > and can be tested independently. grsecurity does not provide > those, so it is unlikely to ever be incorporated into the > mainline kernel. > > The hardening project mostly takes good ideas from grsecurity > and other sources and massages them into a form that is > likely to produce patches that mainline kernel developers > will accept.
hi what do you mean by takened with salt? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/e4189423-5e4b-4c85-a3fc-375f10bec2a2%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
