Re: [gentoo-hardened] Technical repercussions of grsecurity removal

public inbox for gentoo-hardened@lists.gentoo.org
 help / color / mirror / Atom feed

From: "Max R.D. Parmer" <maxp@trystero.is>
To: Alex Efros <powerman@powerman.name>, gentoo-hardened@lists.gentoo.org
Subject: Re: [gentoo-hardened] Technical repercussions of grsecurity removal
Date: Fri, 12 May 2017 17:17:52 -0700	[thread overview]
Message-ID: <1494634672.363667.975060048.16742F31@webmail.messagingengine.com> (raw)
In-Reply-To: <20170512233819.GC16275@home.power>

On Fri, May 12, 2017, at 16:38, Alex Efros wrote:
> Hi!
> 
> On Fri, May 12, 2017 at 09:10:43PM +0200, "Tóth Attila" wrote:
> > Please take a look at on the reply of PaxTeam postend on the openwall
> > mailing list:
> > http://openwall.com/lists/kernel-hardening/2017/05/11/2
> 
> What's for? It's pointless. Only very few people are really interested
> (i.e. not just curious) in knowing who is paid by which company for doing
> what, who makes more real bugs, and who lies about something.
> 
> The important questions about how to keep current level of protection for
> individual/small business users and how users of some distributions like
> Gentoo/Ubuntu/Android can be protected with GrSec/PaX are still
> unanswered.
> 
> While large companies may buy subscription for GrSec/PaX the mentioned
> above categories of users can't (correct me if I'm wrong, please) - so
> effectively the change in GrSec policy makes harm and punish mostly these
> categories of users. If that's real GrSec/PaX goal - it's very sad but
> they probably have rights to do this (except their public reasoning
> doesn't match what they actually do, so probably there are some unsaid
> reasoning exists too), but if it's not their real goal - then they
> probably should provide some options for these categories of users too.
> 
> -- 
> 			WBR, Alex.

Individuals can certainly request a quote -- I did -- their director of
sales is very patient, considerate and accommodating. Unfortunately the
price is quite a bit more than I can personally afford at present.

I don't personally doubt PaXteam/Spenders stated reasoning. It appears
they've encountered a quite aggravating situation with what may amount
to plagiarists. The post Dr. Toth linked closely mirrored what I
initially anticipated from observing kspp and the like from afar. I
think they're in a crap situation and what they've done is one of the
better of several bad options.

So, I am considering the costs of alternative control environments for
my personal systems, perhaps it will be worth the quoted price after all
once I've assessed options.

But, point being, if paying is not out of the question I think you
should request a quote. 

--
0x7D964D3361142ACF

next prev parent reply	other threads:[~2017-05-13  0:18 UTC|newest]

Thread overview: 28+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-05-01  9:38 [gentoo-hardened] Technical repercussions of grsecurity removal Sven Vermeulen
2017-05-01  9:50 ` Sven Vermeulen
2017-05-01 10:24 ` Daniel Cegiełka
2017-05-01 11:00   ` Andrew Savchenko
2017-05-01 12:25     ` Daniel Cegiełka
2017-05-01 10:28 ` Andrew Savchenko
2017-05-01 13:58   ` Sven Vermeulen
2017-05-01 14:20     ` SK
2017-05-01 14:53       ` Daniel Cegiełka
2017-05-01 15:21         ` SK
2017-05-02  8:28           ` Daniel Cegiełka
2017-05-08 18:08             ` Miroslav Rovis
2017-05-08 18:57               ` Luis Ressel
2017-05-08 20:07               ` Mathias Krause
2017-05-08 20:49                 ` Miroslav Rovis
2017-05-08 23:31                   ` Miroslav Rovis
2017-05-09 14:28                     ` [gentoo-hardened] Unofficial grsec kernel install WAS: " Miroslav Rovis
2017-05-08 21:12     ` [gentoo-hardened] " Andrew Savchenko
2017-05-12 19:10       ` "Tóth Attila"
2017-05-12 23:38         ` Alex Efros
2017-05-13  0:17           ` Max R.D. Parmer [this message]
2017-05-02 15:28 ` Luis Ressel
2017-05-02 15:56   ` Daniel Cegiełka
2017-05-02 16:02     ` Luis Ressel
2017-05-02 16:59       ` Daniel Cegiełka
2017-05-02 17:23         ` "Tóth Attila"
2017-05-02 19:58           ` Daniel Cegiełka
2017-05-02 20:41             ` Alex Efros

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1494634672.363667.975060048.16742F31@webmail.messagingengine.com \
    --to=maxp@trystero.is \
    --cc=gentoo-hardened@lists.gentoo.org \
    --cc=powerman@powerman.name \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox