> what are the significant differences between grsec and hardened? Most grsecurity features will not be available, notably RAP, hide symbols, hide proc, hide sys, and module hardening. Perhaps one day they will. A list of their upstreaming progress can be found here: https://github.com/thestinger/linux-hardened/wiki#upstream-progress-tracking
Otherwise the changes are largely flipping kernel switches, such as enabling SELinux by default. So far hardened appears to be the primary project to continue provisioning public grsecurity-esque benefits. > And that's the version of linux-libre-grsec which was wrongly marked > out-of-date, because we do not support this kind of software. My understanding of GPLv2 is that if the sole copyright holder re-licenses their software, this is not retroactive to previously distributed releases nor outwardly applicable to forks. Furthermore, as grsecurity did not re-license the test patches, it merely stopped offering them, the scenario is no different than had grsecurity simply shut down. Under this scenario, the out-of-date notice remains correct. Whether using a no longer maintained kernel release is a good idea is another matter entirely. Btw, >Flagged out-of-date on 2017-04-21 This was 4 days before grsecurity ceased providing public test patches. -jc
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Dev mailing list Dev@lists.parabola.nu https://lists.parabola.nu/mailman/listinfo/dev