[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian should not modify the kernels!

On Sat, 27 Sep 2003, George Danchev wrote:
> > Why not? It's a package. We modify it as we need to in order to provide
> > functionality and satisfy the needs of our users. I'm perfectly willing
> > to bet that more of our users are interested in a functional ipsec stack
> > than are interested in the grsecurity patch.
> I think this is not a gamble story to make a bet. I as an debian user am sorry 
> to hear that from you. This is simply unfair. Do in mind that there is no 
> sane way to understand if users prefer ipsec or grsec to be included by 
> default in kernel-source-<version>. Both ipsec (freeswan) and grsec kernel 
> patches are not security fixes, they do not fix existing security holes, they 
> are security enhancements. They both deserve to be included as 
> kernel-patch-<feature> packages...
Well... as 2.6 is coming out really soon, ipsec is in a lot better 
position than grsec.  Also, you will _have_ to port grsec to 2.6 (or 
abandon it), and 2.6 will have ipsec in the upstream sources.  The only 
difference lies in needing to do the porting work a bit sooner.


/-----------------------\ Shh, be vewy, vewy quiet,
| kilobyte@mimuw.edu.pl | I'm hunting wuntime ewwows!
Segmentation fault (core dumped)

Reply to: