Mail archive
alpine-devel

Re: [alpine-devel] grsec go or no-go call for 3.6

From: William Pitcock <nenolod_at_dereferenced.org>
Date: Thu, 27 Apr 2017 01:34:23 -0500

Hello,

On Wed, Apr 26, 2017 at 2:02 PM, Natanael Copa <ncopa_at_alpinelinux.org> wrote:
> On Wed, 26 Apr 2017 12:42:04 -0500
> William Pitcock <nenolod_at_dereferenced.org> wrote:
>
>> Hello,
>>
>> On Wed, Apr 5, 2017 at 11:02 PM, Jens Staal <staal1978_at_gmail.com> wrote:
>> > Arch linux is using grsec on kernel 4.9.
>> >
>> > https://www.archlinux.org/packages/community/i686/linux-grsec/
>> >
>> > Perhaps it would be good to ask that maintainer what their plans are.
>> > I did not find any new announcements on the grsec web page except the
>> > announcement from 2015 where they explicitly say that they still want that
>> > the patches are available for the hardened Arch and Gentoo projects.
>>
>> https://grsecurity.net/passing_the_baton.php
>>
>> Its official now. Which means we need to revisit this. Do we want
>> the exposure for 3.6?
>
> I'd like to keep the grsec patch for 3.6. However, we need rename it. I
> think we should call it 'linux-hardened'. That way we can remove the
> patch later or switch to something else in future.

I took care of this in edge/3.6 already. Whenever the current blocks
on the builders are resolved, this should go in fine.
It passed a local rebuild anyway.

When people upgrade their system, it will transition them to
linux-hardened if they have linux-grsec as soon as it lands.

William


---
Unsubscribe:  alpine-devel+unsubscribe_at_lists.alpinelinux.org
Help:         alpine-devel+help_at_lists.alpinelinux.org
---
Received on Thu Apr 27 2017 - 01:34:23 GMT