Re: Linux 3.2: backports some features from mainline kernel (3.7)?
On Thu, Dec 20, 2012 at 03:46:14PM +0100, daniel curtis wrote:
> Hi,
>
> I already asked this question on debian-security@ mailing list, but
> Mr Cyril Brulebois suggested, that a better place to ask this question
> is a debian-kernel@ mailing list. It is pretty the same question - just
> copied.
>
> Kernel 3.7 is officially out. This Linux release includes many improvements
> practically in every aspect. Many changes also concerns security. Very
> interesting are: Cryptographically-signed kernel modules
This seems to be too big a change to make now. And there is already
'sysctl kernel.modules_disabled=1'. That provides the same or greater
security, though it is not as convenient (you have to load all the
modules you may need first).
> and - long awaited -
> symlink and hardlink restrictions (already in Linux 3.6), but it broke some
> programs, so it has been disabled by default, right?
[...]
Already backported and enabled by default in the Debian package.
Ben.
--
Ben Hutchings
We get into the habit of living before acquiring the habit of thinking.
- Albert Camus
Reply to: