Index of /gnu/deb/linux-image-4.9.70-grsecunoff-171220-11

 NameLast modifiedSizeDescription

 Parent Directory   -  
 linux-firmware-image..>2018-02-14 11:59 0  
 linux-headers-4.9.70..>2018-02-14 11:59 0  
 linux-image-4.9.70-u..>2018-02-14 11:59 0  
 linux-libc-dev_4.9.7..>2018-02-14 11:59 0  
 ls-1 2017-12-21 07:09 341  
 ls-1.sum 2017-12-21 07:09 605  
 ls-1.sum.asc 2017-12-21 10:25 833  

grsec-unoff deb packages
#######-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-#######
 Pls. check if these are the most recent:
linux-deb-grsec-current
#######-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-#######
        
        #########################
        #        WARNING:       #
        #########################

I myself am unsure if PSP, the AMD's own version of Intel Management Engine or some
exploit is at work in my system. But it does not look to be overpowering my control of the
system. I don't seem to have been b0rked nor powned, although the story is not over yet.

There are crashes that we haven't yet been able to discover the reason of, starting from:

NULL pointer deref in do_blockdev_direct_IO()

but also the later issues, starting from 17 and up to, currently, issue 21 there.

Pls. do notice in the issue 13 that the crashes are at one time limited to
vanilla kernel, not the grsec-unoff kernels (including the then version of the
all-modules-for-any-system you can download here --which I always test on my
system first-- and which I'm running as I'm posting this).

No more crashes --not saying they're not going to be back; we don't know yet whence those
crashes.

You may have a look at:

Strange Bash under grsecurity's exec logging

which I haven't updated with new information though.

All that first, and then, if you feel like testing, go ahead.

But don't blame me! I have not withheld the above information from you.

The strange quirks described in the above (un-updated) link may and may not be innocuous.
And the issues on minipli's github page may very well be attacks and not programming
errors at all.

Why is it that they have almost all occurred in my clone-for-online machine and almost
none in my master Air-Gapped machine, and almost all successively to my connecting online,
and mostly not when the machine was fresh from cloning and prior to having connected --and
if they did appear in the for-online clone, they weren't persistent and would cease untill
my connecting online, indicating some exploit having been stored in some cache of the
machine from some previous online session actually?

And if those are caused by attacks --Croatia has recently been under totally frenzied and
really wide-spanning censorship, including well-known public figures, sites, organizations
but only those politically affiliated to the center or the right in the country, and
surely I don't affiliate to the excluded-from-censorship left-- than you won't be able to
reproduce these in your machines no matter how hard you try, and withstanding: these
packages are likely reliable and good for your machine...

And if you decide to run the above risk (which I believe is minor, but why not help test
it, if you subscribe to FOSS, to privacy which there is none without security, and there
is hardly any in Linus' vanilla kernel, in which there will hardly be true security
attainable without the complete solution that grsec --unavailable because of Google's
sustained and deliberate ripoff of spender's and PaX Team's code--, and grsecunoff as
well, can provide)...

And if you decide for these, you will likely be quicker downloading the debs in this dir
with:
https://raw.githubusercontent.com/miroR/uncenz/master/dump_dLo.sh or find it locally here
dump_dLo.sh, which is from my uncenz program.

#######-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-#######

That said, if your system is clean from any ME/PSP
(
but that's only systems listed at:

Respects Your Freedom hardware product certification -- Free Software Foundation -- working together for free software
)
you should be very safe compiling your own unofficial-grsecurity-hardened kernel by
following my:

grsec-dev1-compile script guide.

Make sure you also read:

Grsecurity/Pax installation on Devuan GNU/Linux
which is my home distro

or if you're with the mother distro, then try:
Grsecurity/Pax installation on Debian GNU/Linux

Regards!