Re: [gNewSense-users] Grsecurity on gNewSense, but for real?

[Sam Geeraerts]

Op Tue, 03 Sep 2013 23:44:19 +0000
schreef address@hidden:

> But if on gNewSense the pristine kernel can not be accomodated as in
> Debian, pls. let me know, because then I am treading the path that
> does not really have protection for my system, because I don't
> believe there is any true protection in GNU/Linux with anything else
> that is not Grsecurity/Pax, and without true security there is no
> true freedom, what do you make of puritanist-free from all-and-any
> proprietories packages OS if you don't have privacy to use that
> machine you installed it on, as soon as you're on the internet?...
> The letter is fundamental to freedom, and the purely free packages
> the icing on top of it. And for the day that Grsecuriy/Pax will be
> deployed on deblobbed kernels, for that day I live to see!

Software freedom is a prerequisite for privacy and security, so you're
better off with a free operating system to which you can add components
for better privacy (albeit with some effort) than with a system that
claims to give you privacy but carries unverifiable blobs. gNewSense's
kernel source package is the result of running Linux-libre's
deblob script on Debian's kernel source. I did not check if the
Grsecurity/Pax patch applies to it cleanly.