GithubHelp home page GithubHelp logo

Comments (6)

a13xp0p0v avatar a13xp0p0v commented on July 21, 2024 1

Hi Krish,

This approach can be called "creating a kernel flavour". Some distros do that.

For example, see:

from kernel-hardening-checker.

krishjainx avatar krishjainx commented on July 21, 2024 1

For sure, this project is perhaps one of the best and most usable for kernel hardening and I would definitely be able to help if you can get started or others with implementing this. Thank you!

from kernel-hardening-checker.

krishjainx avatar krishjainx commented on July 21, 2024

Yes, thank you I understand that but how would I have your script/tool change the .config to be more hardened and then have that grab new kernel sources and automatically build like if I was to hold a COPR?

from kernel-hardening-checker.

a13xp0p0v avatar a13xp0p0v commented on July 21, 2024

Thanks Krish, now I see what you mean.

There is an enhancement #67. Maybe it would help to solve your task.

Create a tool that changes kconfig options according the recommendations

It should use the JSON output of kconfig-hardened-check and work with kconfig with kconfiglib.

What do you think?

from kernel-hardening-checker.

krishjainx avatar krishjainx commented on July 21, 2024

It would be incredibly useful to instead of being developing sideways independent projects like linux-hardened or grsecurity to be working more close with upstream like you are - getting all the performance improvements, bug fixes and applying all available "vanilla" security fixes and pushing this to distributions using that tool. Then people can work off it. Even if it's not "revolutionary" I definitely believe in the long term it would help make Linux even better!

from kernel-hardening-checker.

a13xp0p0v avatar a13xp0p0v commented on July 21, 2024

I can't comment about grsecurity. This topic is complex... Anyway, they are pioneers in kernel security hardening.

The goal of KSPP is to develop kernel self-protection features for the mainline kernel. I hope my kconfig-hardened-check project also promotes these security features among Linux distros.

from kernel-hardening-checker.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    šŸ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. šŸ“ŠšŸ“ˆšŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ā¤ļø Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.