[CentOS-devel] interest in a grsec / hardened kernel

Thu Aug 21 16:48:20 UTC 2014
Ned Slider <ned at unixmail.co.uk>

On 17/08/14 10:45, Ned Slider wrote:
> On 12/08/14 13:08, Nux! wrote:
>> Hi,
>>
>> The closest we got to grsec in EL6 is kmod-tpe from ElRepo, perhaps that could be done for EL7, too.
>>
>> Tbh I'd love a grsec hardened centos kernel in centosplus. :-)
>>
>> Willing to test.
>>
>>
>>
>> --
>> Sent from the Delta quadrant using Borg technology!
>>
>> Nux!
>> www.nux.ro
>>
>>
> 
> I've spent some time looking at getting TPE to build under RHEL7, but
> due to the API changes it's not something I can easily fix.
> Unfortunately it looks like TPE is no longer being actively maintained.
> It's a real shame IMHO as I consider kmod-tpe to be a great addition to
> the sysadmin's toolbox for system hardening.
> 
> 

Further to some work by the upstream developer, elrepo now has updated
kmod-tpe packages (kmod-tpe-1.0.3-990.git20140821) for all dist/arch's
(except el5 32bit at present) in the elrepo-testing repository. Consider
these a beta/testing release subsequent to a version 1.0.4 release.

So we don't unnecessarily clutter the centos-devel list, further
discussion is welcome at the elrepo mailing lists (unless the CentOS
guys specifically want to keep discussions here).


>> ----- Original Message -----
>>> From: "Karanbir Singh" <mail-lists at karan.org>
>>> To: centos-devel at centos.org
>>> Sent: Tuesday, 12 August, 2014 11:30:33 AM
>>> Subject: [CentOS-devel] interest in a grsec / hardened kernel
>>>
>>> hi
>>>
>>> Is there any interest ( ie. would people be willing to help ) get a
>>> grsec and/or otherwise hardened kernel for CentOS-6/7 ? I dont think its
>>> worth putting in the effort into CentOS-5 at this point.
>>>
>>> Regards
>>>
>>> --
>>> Karanbir Singh
>>> +44-207-0999389 | http://www.karan.org/ | twitter.com/kbsingh
>>> GnuPG Key : http://www.karan.org/publickey.asc