On Wed, Apr 11, 2012 at 1:17 PM, Kevin Chadwick <ma1l1ists_at_yahoo.co.uk> wrote:
> On Wed, 11 Apr 2012 11:16:21 +0000
> William Pitcock wrote:
>> A simple website containing information about the distribution can be
>> found here:
> Any plans for a grsecurity/pax enabled kernel?
> I jumped to arch for desktops basically for glibc/flash (sandboxed in a
> hardly used firefox) and am quite happy. I'll certainly keep an eye on
> it though.
I forgot to answer this question, because I got caught up in the other
Yes -- we plan on retaining support for grsecurity/pax kernels, but
they will kind of be considered for use by people who know the
implications of their kernel choice. Meaning that they won't be
necessarily a configuration that is recommended for use by most users
as PAX can introduce problems for desktop users.
I still feel that OpenBSD-style W^X is sufficient though, and could
probably be upstreamed fairly easily.
Received on Sat Apr 14 2012 - 00:47:32 UTC