Re: Support Grsecurity/PaX

Home Messages Hashtags Subgroups

#26

Re: Support Grsecurity/PaX

Meredith Whittaker #26 Seems like there are a number of thoughts, and a general consensus that grsecurity is useful and used and deserves support. Cool! OK. What's missing is a proposal, tying funding to specific outcomes. I think this is a next step that would help narrow this conversation, and allow CII to vote on funding during its next Steering meeting (Sept. 17th). Cheers, Meredith toggle quoted message. . . On Fri, Aug 21, 2015 at 5:29 PM, Tom Ritter <tom@...> wrote: I'm pretty far from the kernel development community. I know the generalities we've seen in this threat about different communities attitudes about mainlining, and I understand that pretty much everyone is either frustrated with the situation or given up on it. I just wanted to weigh in add support to the notion that PaX/grsec is a critical piece of security software, is very highly regarded, and it's always the first thing we recommend to people when they ask "How an we harden our systems?" Then they almost never do it. It _has_ been very frustrating over the years that it has not been mainlined, but I would rather it exist out-of-tree and be made as available as easily and broadly as possible than not exist at all. Maybe the answer is going to the distros and making it easy to switch to a patched kernel to drive adoption, or maybe that's a horrible idea. I think it would be wonderful if something could be done - but I don't know what the exact plan could be. -tom _______________________________________________ cii-census mailing list cii-census@... https://lists.coreinfrastructure.org/mailman/listinfo/cii-census -- Meredith Whittaker Open Source Research Lead Google NYC
More All Posts By This Member

View All 18 Messages In Topic

#26

Join cii-census@lists.coreinfrastructure.org to automatically receive all group messages.