Re: [cii-census] Support Grsecurity/PaX

PaX Team <pageexec@...>
 

On 19 Aug 2015 at 13:37, Dan Kohn wrote:

Hi Dan,

On Wed, Aug 19, 2015 at 11:32 AM, Jason A. Donenfeld <Jason@...> wrote:
Of course there are worthwhile
kernel projects that are not a part of mainline.
One last question for you: could you name other such projects (not
necessarily security-related). Nearly every other out-of-mainline
project I'm aware of has eventually either merged or died out.
Let's hope you only had bad luck and that's why you aren't aware of
any of these ;)

http://lttng.org/download/
http://www.sysdig.org/wiki/how-to-install-sysdig-from-the-source-code/
http://open-mx.gforge.inria.fr/download/
http://knem.gforge.inria.fr/download/
http://download.savannah.gnu.org/releases/davfs2/
http://www.openafs.org/release/index.html
http://www.asterisk.org/downloads/dahdi
https://www.virtualbox.org/wiki/Downloads
https://www.jetico.com/linux/installation.html
http://zfsonlinux.org/
http://aufs.sourceforge.net/
http://cryptodev-linux.org/download.html
http://loop-aes.sourceforge.net/loop-AES/
https://www.rsbac.org/download
http://cdemu.org/about/vhba/
https://github.com/vmware/open-vm-tools
http://scst.sourceforge.net/downloads.html
http://sourceforge.net/projects/xtables-addons/files/Xtables-addons/

As for the requirement of mainlining grsec, it's not possible since
we know right off the start that some of the features and other changes
are not acceptable at all (say, all the x86 segmentation based code).

Second, for the potentially viable pieces this would be a multi-year
full time job. Is the CII willing to fund projects at that level? If not
we all would end up with lots of unfinished and partially broken features.

Third, you're actually wrong as to what is needed for mainline acceptance,
it's most definitely not enough to dump the code on them and let the
community figure it all out and take care of it. If anything, the exact
opposite is true, for any non-trivial amount of code there has to be a
pledge for long-term maintenance from the submitters (so regardless where
grsec stays, in-tree or out-of-tree, the maintenance burden would still
be ours for some years at least, with corresponding need of funding).

Fourth, you mentioned the potential futility of not funding grsec indefinitely.
It begs the question why it is then worth doing the same for the fuzzing
project or Frama-C. I hope noone at CII believes that a year or two of
fuzzing and static analysis will exterminate all bugs so what happens after
their funding runs out? Or are you suggesting that they can be funded
indefinitely but for some reason grsec could not be?

In any case, it is your money and decision at the end and we thank you
for your attention at least. However it is also clear that we have a
different understanding of what constitutes securing the core infrastructure.

cheers,
PaX Team

Join cii-discuss@lists.coreinfrastructure.org to automatically receive all group messages.