Posted Aug 5, 2010 15:46 UTC (Thu) by spender (subscriber, #23067)
Parent article: Yama: not so fast
I've got a better solution: if you want features of grsecurity (which is a coherent security system), just use grsecurity. I'm constantly amazed by the security views of the kernel developers. Maybe if Kees worked for IBM and added TPM support to his code, it could have gotten in like the absolutely worthless snake-oil that is IMA. I'l have more to say about this at the Linux Security Summit on Monday, where I'll be presenting.