Page MenuHomePhabricator

sponsor-BProject
ActivePublic

Members (2)

Watchers

  • This project does not have any watchers.

Recent Activity

Oct 24 2018

Patrick closed T468: package paxrat for offical debian.org repository as Resolved.

https://packages.debian.org/stretch/paxrat

Oct 24 2018, 10:08 AM · Whonix, bountysource, bounty, grsecurity, sponsor-B

Apr 29 2017

HulaHoop closed T301: make grsecurity kernel, grsecurity-installer work inside Whonix as Invalid.

upstream ceased open development: https://www.grsecurity.net/passing_the_baton_faq.php

Apr 29 2017, 6:20 PM · bountysource, bounty, grsecurity-installer, Whonix, sponsor-B
HulaHoop closed T203: grsecurity kernel installation instructions as Invalid.

upstream ceased open development: https://www.grsecurity.net/passing_the_baton_faq.php

Apr 29 2017, 6:20 PM · sponsor-B, grsecurity, research, security, Whonix

May 4 2016

Patrick updated the task description for T301: make grsecurity kernel, grsecurity-installer work inside Whonix.
May 4 2016, 9:37 PM · bountysource, bounty, grsecurity-installer, Whonix, sponsor-B

Apr 2 2016

Patrick updated the task description for T207: Build Debian Packages from Source Code.
Apr 2 2016, 7:46 PM · bountysource, bounty, sponsor-B, security, Whonix
Patrick updated the task description for T207: Build Debian Packages from Source Code.
Apr 2 2016, 6:27 PM · bountysource, bounty, sponsor-B, security, Whonix

Mar 1 2016

HulaHoop added a comment to T203: grsecurity kernel installation instructions.

Unfortunately the maintainer said that its a big maintenance burden for him but is open to outside help. I asked for this functionality to be added as optional for the source package.

Mar 1 2016, 7:28 PM · sponsor-B, grsecurity, research, security, Whonix

Feb 29 2016

Patrick added a comment to T203: grsecurity kernel installation instructions.
In T203#8183, @HulaHoop wrote:

Opened feature request:
linux-grsec-base: Multiple Compiled Grsec Kernels for Virtualization Compatibility
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816309

Feb 29 2016, 10:43 PM · sponsor-B, grsecurity, research, security, Whonix
HulaHoop added a comment to T203: grsecurity kernel installation instructions.

Opened feature request:

Feb 29 2016, 7:40 PM · sponsor-B, grsecurity, research, security, Whonix

Feb 5 2016

HulaHoop added a comment to T203: grsecurity kernel installation instructions.

The author (Collin Childs) is associated with Tor

Feb 5 2016, 4:21 PM · sponsor-B, grsecurity, research, security, Whonix
Patrick updated the task description for T468: package paxrat for offical debian.org repository.
Feb 5 2016, 1:05 PM · Whonix, bountysource, bounty, grsecurity, sponsor-B
Patrick updated the task description for T468: package paxrat for offical debian.org repository.
Feb 5 2016, 1:05 PM · Whonix, bountysource, bounty, grsecurity, sponsor-B
Patrick updated the task description for T468: package paxrat for offical debian.org repository.
Feb 5 2016, 1:04 PM · Whonix, bountysource, bounty, grsecurity, sponsor-B
Patrick created T468: package paxrat for offical debian.org repository.
Feb 5 2016, 1:04 PM · Whonix, bountysource, bounty, grsecurity, sponsor-B
Patrick added a comment to T203: grsecurity kernel installation instructions.

Having had a glimpse at the code, it is still missing tons of required
features. Almost everything listed in T301. Anyhow. Good to know.

Feb 5 2016, 12:26 PM · sponsor-B, grsecurity, research, security, Whonix
HulaHoop added a comment to T203: grsecurity kernel installation instructions.

Coldkernel is a project that is better at what grsecurity-installer was meant to be:

Feb 5 2016, 7:15 AM · sponsor-B, grsecurity, research, security, Whonix

Jan 28 2016

Patrick added a comment to T203: grsecurity kernel installation instructions.

There is no "no duplicate package" policy in that sense. There is a "no
duplicate source code" policy. [Compare: linux-image-686 vs
linux-image-686 are not considered duplicates either. Sharing the very
same source package.] Therefore linux-grsec-generic, linux-grsec-xen,
etc. should not be a policy issue.

Jan 28 2016, 10:17 AM · sponsor-B, grsecurity, research, security, Whonix
HulaHoop added a comment to T203: grsecurity kernel installation instructions.

Not gonna happen. It took this long to package grsec for Debian because of their no duplicate packages policy so the patch had to be adjusted to work with the Debian flavor of the linux kernel.

Jan 28 2016, 4:14 AM · sponsor-B, grsecurity, research, security, Whonix

Jan 27 2016

Patrick added a comment to T203: grsecurity kernel installation instructions.

What about separate binary packages per hypervisor?

Jan 27 2016, 3:30 PM · sponsor-B, grsecurity, research, security, Whonix
HulaHoop added a comment to T203: grsecurity kernel installation instructions.

Could support for all hypervisors be enabled at the same time?

Jan 27 2016, 4:23 AM · sponsor-B, grsecurity, research, security, Whonix

Jan 26 2016

Patrick added a comment to T203: grsecurity kernel installation instructions.

Could support for all hypervisors be enabled at the same time?

Jan 26 2016, 11:40 PM · sponsor-B, grsecurity, research, security, Whonix

Jan 25 2016

HulaHoop added a comment to T203: grsecurity kernel installation instructions.

The problem is the Debian kernel is not compiled with any virtualization support.

Jan 25 2016, 8:39 PM · sponsor-B, grsecurity, research, security, Whonix

Jan 22 2016

HulaHoop added a comment to T203: grsecurity kernel installation instructions.

What does not work? The package build/install or the grsecurity kernel itself?

Jan 22 2016, 3:37 AM · sponsor-B, grsecurity, research, security, Whonix

Jan 21 2016

Patrick added a comment to T203: grsecurity kernel installation instructions.

You want softmode, right? So why use 'kernel.pax.softmode=0' instead of
'kernel.pax.softmode=1'?

Jan 21 2016, 6:11 PM · sponsor-B, grsecurity, research, security, Whonix
Patrick added a comment to T203: grsecurity kernel installation instructions.

What does not work? The package build/install or the grsecurity kernel
itself?

Jan 21 2016, 6:08 PM · sponsor-B, grsecurity, research, security, Whonix
HulaHoop added a comment to T203: grsecurity kernel installation instructions.

I tried manually testing the 05-grsec.conf settings with no success. Editing the original grsec.conf doesn't work too. (I tried with the kernel conf lock setting disabled). I don't know what to try now...

Jan 21 2016, 6:00 PM · sponsor-B, grsecurity, research, security, Whonix

Jan 19 2016

Patrick added a comment to T203: grsecurity kernel installation instructions.

debian/rules debian/control misses systemd entries.

Jan 19 2016, 9:59 PM · sponsor-B, grsecurity, research, security, Whonix
HulaHoop added a comment to T203: grsecurity kernel installation instructions.

OK did the changes but need to test package.

Jan 19 2016, 9:52 PM · sponsor-B, grsecurity, research, security, Whonix
Patrick added a comment to T203: grsecurity kernel installation instructions.

HulaHoop (HulaHoop):

> needs a license header.
Its all gplv3. Do you have an example?
Jan 19 2016, 5:49 PM · sponsor-B, grsecurity, research, security, Whonix
HulaHoop added a comment to T203: grsecurity kernel installation instructions.

needs a license header.

Jan 19 2016, 5:01 PM · sponsor-B, grsecurity, research, security, Whonix
Patrick added a comment to T203: grsecurity kernel installation instructions.

This can very well go to the testers and also the stable repository just
as any package. As long as it's not installed by default there really is
no reason a against it since it requires a manual action to install that
won't be happening accidentally without reading documentation.

Jan 19 2016, 12:20 AM · sponsor-B, grsecurity, research, security, Whonix

Jan 18 2016

HulaHoop added a comment to T203: grsecurity kernel installation instructions.

Some notes: When copying paxctld all my tabbing disappeared and the file looks hideous.

Jan 18 2016, 10:45 PM · sponsor-B, grsecurity, research, security, Whonix
HulaHoop added a comment to T203: grsecurity kernel installation instructions.

And how does corsac's repository help with that compared to Debian sid repository?

Jan 18 2016, 10:25 PM · sponsor-B, grsecurity, research, security, Whonix
Patrick added a comment to T203: grsecurity kernel installation instructions.

Yes. Let's go simple for start and then see where we get.

Jan 18 2016, 10:14 PM · sponsor-B, grsecurity, research, security, Whonix
HulaHoop added a comment to T203: grsecurity kernel installation instructions.

I'm almost done with the exceptions list. I merged some rules to cover Tor Browser and a few other binaries that weren't included. Changed some binary paths to reflect those on Debian...

Jan 18 2016, 10:00 PM · sponsor-B, grsecurity, research, security, Whonix
Patrick added a comment to T203: grsecurity kernel installation instructions.

Why are we back to using corsac's repository? Why not use Debian sid repository and apt pinning instead?

Jan 18 2016, 9:55 PM · sponsor-B, grsecurity, research, security, Whonix
HulaHoop added a comment to T203: grsecurity kernel installation instructions.

Yes. Merge the first two packages.

Jan 18 2016, 4:55 PM · sponsor-B, grsecurity, research, security, Whonix
Patrick added a comment to T203: grsecurity kernel installation instructions.

Yes. Merge the first two packages.

Jan 18 2016, 2:58 PM · sponsor-B, grsecurity, research, security, Whonix
HulaHoop added a comment to T203: grsecurity kernel installation instructions.

Package roadmap:

Jan 18 2016, 5:32 AM · sponsor-B, grsecurity, research, security, Whonix
HulaHoop added a comment to T203: grsecurity kernel installation instructions.

To obtain a binary package or source package to compile?

Jan 18 2016, 5:15 AM · sponsor-B, grsecurity, research, security, Whonix

Jan 17 2016

Patrick added a comment to T203: grsecurity kernel installation instructions.

To land a grsec kernel ASAP we can use corsac's Jessie repo.

Jan 17 2016, 8:55 PM · sponsor-B, grsecurity, research, security, Whonix
HulaHoop added a comment to T203: grsecurity kernel installation instructions.

To land a grsec kernel ASAP we can use corsac's Jessie repo.

Jan 17 2016, 5:40 PM · sponsor-B, grsecurity, research, security, Whonix
HulaHoop added a comment to T203: grsecurity kernel installation instructions.

All we need is a dpkg hook and a conf file for paxctld (the latter mirrors the Arch Linux one)

Jan 17 2016, 4:18 PM · sponsor-B, grsecurity, research, security, Whonix
HulaHoop added a comment to T203: grsecurity kernel installation instructions.

My last comment is wrong. David's description is on point.

Jan 17 2016, 3:39 PM · sponsor-B, grsecurity, research, security, Whonix
HulaHoop added a comment to T203: grsecurity kernel installation instructions.
Jan 17 2016, 1:27 AM · sponsor-B, grsecurity, research, security, Whonix

Jan 16 2016

Patrick added a comment to T203: grsecurity kernel installation instructions.

Can you shed light on paxctld vs paxrat?

Jan 16 2016, 7:54 PM · sponsor-B, grsecurity, research, security, Whonix

Jan 11 2016

HulaHoop added a comment to T203: grsecurity kernel installation instructions.

Good question. I asked upstream because it depends on what direction they'll take:

Jan 11 2016, 11:55 PM · sponsor-B, grsecurity, research, security, Whonix
Patrick added a comment to T203: grsecurity kernel installation instructions.

Do you think paxrat will require a .d config file folder? Would we need a custom paxrat.conf?

Jan 11 2016, 10:55 PM · sponsor-B, grsecurity, research, security, Whonix
HulaHoop added a comment to T203: grsecurity kernel installation instructions.

Do you think paxrat will require a .d config file folder?

Jan 11 2016, 9:51 PM · sponsor-B, grsecurity, research, security, Whonix
Patrick added a comment to T203: grsecurity kernel installation instructions.

Do you think paxrat will require a .d config file folder? Would we need a custom paxrat.conf?

Jan 11 2016, 6:52 PM · sponsor-B, grsecurity, research, security, Whonix