Re: NSA software in Debian
On Wed, 2014-01-22 at 15:01, Marko Randjelovic wrote:
> On Sun, 19 Jan 2014 21:17:03 -0800
> Andrew Merenbach <andrew@merenbach.com> wrote:
> > I just decided to try this out the other day on my Wheezy 7.3 install.
> > It wasn't that painful and I haven't noticed any performance impact or
> > misbehaving (read: broken) programs, at least not yet. Then again, I
> > haven't done real benchmarks.
> Yes, most features doesn't make significant performance impact.
> > It appears that this patch is available in the apt repos under the
> > "kernel" section (sensibly enough) as:
> >
> > linux-patch-grsecurity2
> >
> > Once it's downloaded, it patches the kernel in an automated fashion and
> > doesn't force a reboot (although I believe you still need one to make it
> > effective, I suppose).
> AFAIK, it's for kernel 3.2.21, I don't see how could it work with
> Wheezy kernel - 3.2.51.
I found it a lot easier to go with vanilla kernel and grsec/pax patch
instead of using Debian kernels.
> > That said, since it's a kernel patch, /caveat emptor/... your mileage
> > may vary. And maybe some prefer to customize the options for the patch
> > being applied. ;)
--
Kind regards, Milan
Reply to: