On 20/07/15 12:03 AM, Gaetan Bisson wrote:
[2015-07-19 16:37:42 +0200] Jan Alexander Steffens:
I recently noticed we have community/linux-grsec. Do we have a stance on additional kernels? I vaguely remember some stigma against it but not the details. Maybe I'm completely wrong.
For reference, it was discussed there:
https://lists.archlinux.org/pipermail/arch-dev-public/2014-April/026170.html
From what I remember, essentially, quite a few people were against officially supporting another kernel
I know you were very opposed to it, but my impression was that others either just had concerns about it (which were addressed), didn't care or supported the idea. There were concerns about whether packagers for out-of-tree modules would need to worry about it and users potentially reporting bugs for the wrong package. The latter issue did happen once or twice before I added a prominent note to the wiki page about it. There was strong opposition to adding exceptions from the PaX userspace exploit mitigations to other packages, so I put support for that small set of features on the backburner and then approached it another way: https://github.com/thestinger/paxd/blob/master/paxd.conf Most of the features didn't require any integration work.