[prev in list] [next in list] [prev in thread] [next in thread] 

List:       gentoo-dev
Subject:    Re: [gentoo-dev] KUSE....
From:       Terje Kvernes <terjekv () math ! uio ! no>
Date:       2001-12-29 3:25:29
[Download RAW message or body]

Martin Schlemmer <azarah@gentoo.org> writes:

  [ snippage ]

> As it is now, all the patches you can enable/disable during 'make
> menuconfig', so in having them all already applied, should be no
> hassle in my opinion.

  the only issue can be stability. even if a patch goes in cleanly, it
  _might_ affect stability. 
 
> I also do not think we should include grsecurity. It is like I
> already stated, a invasive patch, touching from FS to NET/NETFILTER
> code. And, it being what it is, most people will not run it except
> on a very high risc server that absolutely need that extra security.

  or, in other words, people who actually need grsecurity should be
  capable of patching their kernel for their specific need by
  themselves.

> For a desktop box for instance, it just cause too many hassles
> (sound problems, games like UT, etc just getting killed at start,
> etc).

  if one will experience this kind of problems with grsecurity then it
  certainly shouldn't be a part of the core kernel of any distribution
  aiming to be used on anything but servers. and honestly, if you want
  this kind of protection, your distribution isn't that much of an
  issue. you have to fix a lot of stuff anyway. unless you go to
  openBSD or something. :)
 
> This in *my* opinion falls into the 'do it yourself' catagory.

  AOL.

-- 
Terje - who has yet to get a proper testbox for Gentoo. *sigh*

[prev in list] [next in list] [prev in thread] [next in thread]