[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian should not modify the kernels!

martin f krafft <madduck@debian.org> wrote:
> I am the kernel-patch-2.4-grsecurity maintainer, and I have been
> flooded with grave and important bugs ever since kernel version
> 2.4.20, since grsecurity does not apply to these kernel versions
> anymore. It doesn't apply to the Debianised versions of these
> kernels anymore, it applies to the vanilla kernel just fine.

I've got a few points for you:

* The vanilla kernel source is readily available:

apt-get install kernel-source-2.4.22 kernel-patch-debian-2.4.22
tar xjf /usr/src/kernel-source-2.4.22.tar.bz2
cd kernel-source-2.4.22

* The IPSEC backport can be easily reversed by unapplying
the patches given in the README.Debian file.

* The IPSEC backport has minimal effect on the binary images.  It
has no effect unless you load the relevant modules.  The increase
in size is tiny compared to the increases brought on by ACPI and
compiler changes.  

So either get the people who're complaining to you to unapply the
IPSEC patch, or fix your patch instead.
Debian GNU/Linux 3.0 is out! ( http://www.debian.org/ )
Email:  Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Reply to: