Hi!
On Fri, May 12, 2017 at 09:10:43PM +0200, "T?th Attila" wrote:
> Please take a look at on the reply of PaxTeam postend on the openwall
> mailing list:
> http://openwall.com/lists/kernel-hardening/2017/05/11/2
What's for? It's pointless. Only very few people are really interested
(i.e. not just curious) in knowing who is paid by which company for doing
what, who makes more real bugs, and who lies about something.
The important questions about how to keep current level of protection for
individual/small business users and how users of some distributions like
Gentoo/Ubuntu/Android can be protected with GrSec/PaX are still unanswered.
While large companies may buy subscription for GrSec/PaX the mentioned
above categories of users can't (correct me if I'm wrong, please) - so
effectively the change in GrSec policy makes harm and punish mostly these
categories of users. If that's real GrSec/PaX goal - it's very sad but
they probably have rights to do this (except their public reasoning
doesn't match what they actually do, so probably there are some unsaid
reasoning exists too), but if it's not their real goal - then they
probably should provide some options for these categories of users too.
--
WBR, Alex.
On Fri, May 12, 2017 at 09:10:43PM +0200, "T?th Attila" wrote:
> Please take a look at on the reply of PaxTeam postend on the openwall
> mailing list:
> http://openwall.com/lists/kernel-hardening/2017/05/11/2
What's for? It's pointless. Only very few people are really interested
(i.e. not just curious) in knowing who is paid by which company for doing
what, who makes more real bugs, and who lies about something.
The important questions about how to keep current level of protection for
individual/small business users and how users of some distributions like
Gentoo/Ubuntu/Android can be protected with GrSec/PaX are still unanswered.
While large companies may buy subscription for GrSec/PaX the mentioned
above categories of users can't (correct me if I'm wrong, please) - so
effectively the change in GrSec policy makes harm and punish mostly these
categories of users. If that's real GrSec/PaX goal - it's very sad but
they probably have rights to do this (except their public reasoning
doesn't match what they actually do, so probably there are some unsaid
reasoning exists too), but if it's not their real goal - then they
probably should provide some options for these categories of users too.
--
WBR, Alex.