grsecurity on 2.6.0 kernels??

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.

grsecurity on 2.6.0 kernels??

Postby Serp0 » Mon Feb 23, 2004 12:24 pm

well my asking is the same about the topic

could be possible any development or happen anything about kernel??


thanks see ya :)
Serp0
 
Posts: 4
Joined: Fri Feb 20, 2004 9:18 am

Postby jbarton » Sun Mar 07, 2004 2:43 pm

I have not seen much discussion in the forums on the status on grsecurity and the 2.6.x kernels. I am sure the developers are getting tired of this question being asked, but can we have a status update on the 2.6.x patches? Is there development code somewhere that I can help test? I consider grsecurity a must have to run a kernel in most environments, and would help with testing in any way possible
jbarton
 
Posts: 3
Joined: Tue Mar 05, 2002 4:51 pm

Postby Sleight of Mind » Sun Mar 07, 2004 2:59 pm

to be honest grsec is made for servers, since the kind of security grsec provides is not really important on desktop machines.
Since stability and security are the most important things regarding servers i suggest sticking with 2.4 for quite a while longer. 2.6 is far from stable and not really considered an option for (production) servers. Look at the rate new progressive stuff is merged into 2.6 at this time, those new things need some testing first before we move all our servers to it.
Sleight of Mind
 
Posts: 92
Joined: Tue Apr 08, 2003 10:41 am

Postby jbarton » Sun Mar 07, 2004 3:19 pm

I agree that 2.6 is not the best choice for most servers. I would tend to disagree, however, that it is not an option. I have approximately 60 servers under my direct control at work, and although 90% of them run 2.4, I have several that run on 2.6, and have been since the test series, and they perform very well. They have been just as stable as the 2.4 servers have been so far. I run 2.6 on these servers knowing what could happen, but use them as a test platform for the 2.6 kernel. What I would like to do is to also use them for testing grsecurity, so that the 2.6 code can get better faster. I am not a programmer, but I want to help development any way possible
jbarton
 
Posts: 3
Joined: Tue Mar 05, 2002 4:51 pm

Postby Sleight of Mind » Sun Mar 07, 2004 7:04 pm

Testing is always Ok of course, that's the only way of maturing 2.6 after all. I have read/heard that grsec is being ported to 2.6 at the moment. Unfortunately there isn't any of this in the CVS yet, so i guess we will just have to wait.

-Rik
Sleight of Mind
 
Posts: 92
Joined: Tue Apr 08, 2003 10:41 am


Return to grsecurity support