Mailing List Archive

2017-05-02 18:55 GMT+02:00 wabe <wabenbau@gmail.com>:
> Is the kernel of HardenedBSD also concerned by the decision of
> grsecurity folks?


No. NetBSD and FreeBSD have their own MPROTECT/ASLR/Segvguard implementation.

https://hardenedbsd.org/content/projects

> If not, is it possible to use this kernel with
> gentoo (Gentoo/FreeBSD)?

I did not use, but don't see a problem.

Test. Im using hardenedbsd and work great !! Have almost all options which
grsec has. And fully based on BSD lincense which is great ! Still
developing and still news features .

02.05.2017 6:57 PM "wabe" <wabenbau@gmail.com> napisa?(a):

> Is the kernel of HardenedBSD also concerned by the decision of
> grsecurity folks? If not, is it possible to use this kernel with
> gentoo (Gentoo/FreeBSD)?
>
> --
> Regards
> wabe
>
>

If i good remamber aslr in hbsd has more bits then grsec.
Featuers of hbsd:
http://hardenedbsd.org/content/easy-feature-comparison

2017-05-02 19:16 GMT+02:00 bryn1u85 . <m.bryn1u@gmail.com>:

> Test. Im using hardenedbsd and work great !! Have almost all options which
> grsec has. And fully based on BSD lincense which is great ! Still
> developing and still news features .
>
> 02.05.2017 6:57 PM "wabe" <wabenbau@gmail.com> napisa?(a):
>
>> Is the kernel of HardenedBSD also concerned by the decision of
>> grsecurity folks? If not, is it possible to use this kernel with
>> gentoo (Gentoo/FreeBSD)?
>>
>> --
>> Regards
>> wabe
>>
>>

Hi, at first sight hardenedbsd MAC is based on BIBA integrity model, is
not RBAC, is a MAC system as Bell-LaPadula MAC alike but not focused on
confidentiality but integrity instead (basically the same three rules
but inverted). RBAC is too much powerful than MAC and very much flexible





On 02/05/17 19:16, bryn1u85 . wrote:
> Test. Im using hardenedbsd and work great !! Have almost all options
> which grsec has. And fully based on BSD lincense which is great ! Still
> developing and still news features .
>
> 02.05.2017 6:57 PM "wabe" <wabenbau@gmail.com
> <mailto:wabenbau@gmail.com>> napisa?(a):
>
> Is the kernel of HardenedBSD also concerned by the decision of
> grsecurity folks? If not, is it possible to use this kernel with
> gentoo (Gentoo/FreeBSD)?
>
> --
> Regards
> wabe
>

HardenedBSD really needs developers, i saw lattera wanted to implement
RBAC for hardenedBSD : https://github.com/HardenedBSD/HardenedBSD/issues/235

On 05/02/2017 08:06 PM, Javier Juan Martinez Cabezon wrote:
> Hi, at first sight hardenedbsd MAC is based on BIBA integrity model, is
> not RBAC, is a MAC system as Bell-LaPadula MAC alike but not focused on
> confidentiality but integrity instead (basically the same three rules
> but inverted). RBAC is too much powerful than MAC and very much flexible
>
>
>
>
>
> On 02/05/17 19:16, bryn1u85 . wrote:
>> Test. Im using hardenedbsd and work great !! Have almost all options
>> which grsec has. And fully based on BSD lincense which is great ! Still
>> developing and still news features .
>>
>> 02.05.2017 6:57 PM "wabe" <wabenbau@gmail.com
>> <mailto:wabenbau@gmail.com>> napisa?(a):
>>
>> Is the kernel of HardenedBSD also concerned by the decision of
>> grsecurity folks? If not, is it possible to use this kernel with
>> gentoo (Gentoo/FreeBSD)?
>>
>> --
>> Regards
>> wabe
>>
>