Linux kernel v4.14 has a bunch of security features I'm excited about: https://outflux.net/blog/archives/2017/11/14/security-things-in-linux-v4-14/ …
-
-
Now, if distros shipped a package that would build a randstruct kernel locally and threw away the random value afterwards, that might be more interesting. Something like DKMS, but for the whole kernel.
-
Ah I see. Is compiling the whole kernel on every kernel update feasible in terms of compile-time? Maybe shipping a pre-optimized (as much as possible) LLVM bitcode file or similar would reduce compile time.
-
It might be possible. Just takes someone who wants to spend the time to investigate it. Maybe look to Gentoo for hints?
-
OK. Thanks for the answers :)
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.