[Nix-dev] Fwd: Hardened Linux kernel with grsec/PaX + AppArmor

[phreedom at yandex.ru]

В письме от Среда 07 августа 2013 16:56:05 пользователь Ricardo M. Correia 
написал:
> I am interested in grsecurity mostly because of the many generic
> improvements that you mentioned.
> 
> The reason I'm using Apparmor for process confinement is that NixOS
> supports it already. In the near future I would like to use grsec's RBAC
> system instead of Apparmor, as it seems just as simple but more secure.
> 
> But since Apparmor already worked and the grsecurity kernel patch includes
> the apparmor patches, I did not feel the urgency to replace Apparmor with
> RBAC right now.

Would be an interesting experiment nevertheless.

Good job!