[prev in list] [next in list] [prev in thread] [next in thread] 

List:       gentoo-hardened
Subject:    Re: [gentoo-hardened] Obtaining a Xen/SELinux/PaX/GRSecurity kernel
From:       Panagiotis Atmatzidis <p.atmatzidis () gmail ! com>
Date:       2006-05-14 11:27:01
Message-ID: 44671405.8020007 () gmail ! com
[Download RAW message or body]

Peter S. Mazinger wrote:
> On Sun, 7 May 2006, Alex Efros wrote:
> 
>> Hi!
>>
>> On Sun, May 07, 2006 at 12:28:40AM -0400, Kevin wrote:
>>> If I wanted all four of the Xen/SELinux/PaX/GRSecurity patch sets
>>> incorporated into a kernel, any recommendations for doing this?
>> AFAIK hardened-sources already contain SELinux+PaX+GRSecurity.
> 
> I would say hardened-sources have either SELinux-PaX or PaX/GRSecurity
> 
> Peter
> 

Yes and it's a good practice to keep the security models separated even 
on ml posts. I was a bit confused myself at the beginning and I found 
many users who are confused even though they use one of the security 
models mentioned above. Many people think that they can use rsbac + 
grsecurity + SELinux all together, which in theory[1] is possible but it 
makes no sense and turns the box into something unusable.
So, be nice with newcomers and try not to confuse them :-)


[1] A guy told me that he installed all the 3 sec models in his test box 
once upon a time.
-- 
gentoo-hardened@gentoo.org mailing list

[prev in list] [next in list] [prev in thread] [next in thread]