Re: Support Grsecurity/PaX

Dan Kohn

On Wed, Aug 19, 2015 at 10:03 AM, Jason A. Donenfeld <Jason@...> wrote:

It's important to note, though, that it shouldn't be considered relevant
whether or not their work is mainlined. This is an important core project
that's extremely widely used by everybody who cares about security. Ensuring
the work goes on is of *critical* importance. Not only that, but work done
in Grsecurity/PaX _does_ make its way back to mainline bit by bit in the
form of individual patches that are a rework of features pioneered by
Grsecurity/PaX. In other words, mainlined or not, keeping Grsecurity/PaX
around with healthy funding is of the utmost importance for the Linux
ecosystem at large. We need them. (And I believe they very likely need you,
CII follows the philosophy of Linux development that long-term,
out-of-mainline patches are problematic because of the maintenance
issues and lack of peer-review. Of course, the Grsecurity/PaX team is
welcome to continue as they have been, and the GPL allows them to
charge for consulting services.

But the most likely scenario for a CII grant would be to facilitate
inclusion into mainline.
Dan Kohn <mailto:dankohn@...>
Senior Advisor, Core Infrastructure Initiative

Join to automatically receive all group messages.