grsecurity R.I.P.

=?utf-8?Q?Jyri_ =?utf-8?Q?Jyri_
Tue Dec 22 09:39:13 CET 2015


> I am not sure what you mean here. Genode can already execute Linux
> within a virtual machine (Seoul or VirtualBox) or as a paravirtualized
> version on top of the Fiasco.OC kernel. If this is not sufficient, what
> is your approach?

The problem in this approach is that the (virtualized) Linux instance is still running the same very insecure (if you ask me;) Linux kernel. Within the scope of the Linux kernel, there is nothing to limit the kind of hazards grsecurity is/was made to prevent.

To reiterate, what I would like to see is Linux (and/or BSD) kernel running directly on top of genode.



More information about the users mailing list