jan.dvorak at sitronicsts.com
Thu Jul 31 07:51:10 PDT 2008
> Remeber HLFS is not considered stable so, I suggest do it in parts, I
> could start applying stack guard, then Fortify Code, then strl* patches
> , etc. Saving a whole grsecurity/RSBAC/PaX hardening to the end.
IMO fortify, strl* and maybe even stack guard should "just work",
GRSecurity is unintrusive kernel-only thing and RSBAC is not that
important to me. PaX may be a problem, for I don't have slightest idea
about ELF binaries and differences between the 32- and 64-bit variants.
Authors claim it is supported.
Damn, I mostly answered the original question I've given to you.
Apologies. As soon as I get myself some time, I'll try to build it. But
first, regular CLFS as a host system.
More information about the hlfs-dev