Subj : Re: do you have a fix ?
To   : Benny Pedersen
From : Static
Date : Fri Feb 09 2018 00:08:29

On 02/08/18, Benny Pedersen said the following...
 
 BP> so code is now lost ?, or just unmaintained ?

Open Source Security (who develops Grsecurity) is a commercial interest and
they only make their patch sets available to paying customers. Until recently
they allowed beta test versions of their patches to be downloaded and used by
the general public, and it was these that the hardened-sources maintainers
adapted to their kernel package.

Technically OSS can't actually stop anyone from releasing the patch sets
because of the GPL but given that we're not seeing them widely available I
imagine they must be pretty efficient at terminating leaky subscriptions.

 BP> but i think linux could be hardedned in many other ways, make more secure
 BP> permisions could be a start

Sure, but the core of the hardened-sources package was the grsec patch set.
Most other hardening methods are now incorporated into the 17.x profiles
based around the gentoo default kernel package and activated by flags.

--- Mystic BBS v1.12 A38 2018/01/01 (Linux/64)
 * Origin: Subcarrier BBS (1:249/400)

.