Re: [gentoo-hardened] RIP hardened-sources

public inbox for gentoo-hardened@lists.gentoo.org
 help / color / mirror / Atom feed

From: "\"Tóth Attila\"" <atoth@atoth.sote.hu>
To: gentoo-hardened@lists.gentoo.org
Subject: Re: [gentoo-hardened] RIP hardened-sources
Date: Sat, 29 Apr 2017 22:34:14 +0200	[thread overview]
Message-ID: <eac59d176ad47ac48b3891e60f2c9d87.squirrel@atoth.sote.hu> (raw)
In-Reply-To: <CAPLrYESvsyoR3RQ=zJzUAzQrFLhQSQbCU0SN3iaET1AEoa7xEA@mail.gmail.com>

2017.Április 29.(Szo) 20:43 időpontban Daniel Cegiełka ezt írta:
>> That's the part I don't get either. Since the only possible motivation
>> I can think of for this move is to generate more income, they could've
>> at least tried asking the community for donations first.
>
> It's more complex:
>
> https://www.theregister.co.uk/2015/08/27/grsecurity/
>
> I don't judge them. I'm interested in the future of projects that were
> heavily dependent on PaX (Gentoo Hardened, Alpine Linux).

I also have concernes about the future of Gentoo Hardened userspace.
Security initiatives drew my attention 15+ years ago, when Adamantix was
alive. After discontinuation of the project I've discovered Gentoo
Hardened as something providing a remedy for security-aware refugees. Over
the years I get used to the infrastructure of Daniel Robbins' Gentoo and
experienced the benefits of the rolling release nature of the distro and
all those simple compile time tools provides to the power users.
When you go hardened, you cant stop it.
I wish Hardened Gentoo survives and continue to exist for long.

>> Now, I suppose someone is going to answer "If you'd be willing do
>> regularily donate to them, you might as well get a subscription", but I
>> fear this might have some serious drawbacks. In the past years,
>> the Gentoo Hardened devs have invested quite some work to make sure
>> most applications in the tree work on grsec/PaX-enabled kernels without
>> too much fallout. But now, there's suddently a lot less motivation to
>> keep up this work.

Personal subscription was my first idea. I've made several small donations
for the past decade. However a small fee equivalent to an antivirus
software subsription or an Android app has an effect if there are enough
people in the community. My guess is a project like grsecurity won't
really depend on some individual users. Individuals of the community are
suffering collateral damage currently.

> Ned Lud (or Solar, but != Designer) has put a lot of work into the
> launch of Gentoo Hardened and, of course, the popularization of PaX.
> Old times.. :)

Yes, Ned Ludd.

> This means that there will be conflicts in the future. I don't claim
> that maintaining PaX support will be easy, but it's possible to do so.

I believe the community and grsecurity will find a solution soon. Hardened
Gentoo provided a basis for test patches.
I understand the developers of grsecurity getting fed up by legal issues
and having a lack of time dealing with problems they don't want to spend
their resources on. I hope there will be a good solution for every
benevolent parties involved.

Dwokfur

next prev parent reply	other threads:[~2017-04-29 20:34 UTC|newest]

Thread overview: 26+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-04-29 11:49 [gentoo-hardened] RIP hardened-sources Luis Ressel
2017-04-29 12:47 ` Alex Efros
2017-04-29 15:56   ` Daniel Cegiełka
2017-04-29 16:52     ` Javier Juan Martinez Cabezon
2017-04-29 16:58       ` Luis Ressel
2017-04-30  8:15         ` Javier Juan Martinez Cabezon
2017-04-29 17:04     ` Luis Ressel
2017-04-29 18:43       ` Daniel Cegiełka
2017-04-29 20:34         ` "Tóth Attila" [this message]
2017-04-29 22:04           ` Brant Williams
2017-04-30 13:00           ` Andrew Savchenko
2017-04-30 13:16             ` Alex Efros
2017-04-30 14:34               ` Andrew Savchenko
2017-04-30 14:56                 ` "Tóth Attila"
2017-04-30 13:07   ` Andrew Savchenko
2017-04-29 13:11 ` Alex Efros
2017-04-29 13:46   ` PaX Team
2017-04-29 16:46     ` Alex Efros
2017-04-30 11:08       ` Alex Efros
2017-04-30 11:50         ` SK
2017-04-30 11:55           ` SK
2017-04-30 12:32             ` Andrew Savchenko
2017-04-30 12:56             ` Alex Efros
2017-04-30 13:28               ` Andrew Savchenko
2017-04-30 13:07           ` Daniel Cegiełka
2017-04-29 15:30   ` Paweł Hajdan, Jr.

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=eac59d176ad47ac48b3891e60f2c9d87.squirrel@atoth.sote.hu \
    --to=atoth@atoth.sote.hu \
    --cc=gentoo-hardened@lists.gentoo.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox