[arch-dev-public] providing grsecurity in [community]

Tom Gundersen teg at jklm.no
Sat Apr 19 18:23:44 EDT 2014


On Sat, Apr 19, 2014 at 11:58 PM, Daniel Micay <danielmicay at gmail.com> wrote:
> On 19/04/14 05:25 PM, Tom Gundersen wrote:
>>
>> In short, work on grsec if you want, but please let's not use that as
>> an excuse to discourage people from working on similar features for
>> the main kernel.
>
> For example, if someone opens a bug asking to enable CONFIG_AUDIT again,
> will it really be accepted? The workaround for containers landed in systemd.
>
> http://cgit.freedesktop.org/systemd/systemd/commit/?id=24fb111

That is clearly not an acceptable long-term solution. As far as I know
audit is being fixed upstream to make this temporary work-around
unnecessary.

-t


More information about the arch-dev-public mailing list