From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([69.77.167.62] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1LP2LC-0006Ez-Og for garchives@archives.gentoo.org; Mon, 19 Jan 2009 22:11:31 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 730CDE04BC; Mon, 19 Jan 2009 22:11:29 +0000 (UTC) Received: from yw-out-1718.google.com (yw-out-1718.google.com [74.125.46.153]) by pigeon.gentoo.org (Postfix) with ESMTP id 389ECE04BC for ; Mon, 19 Jan 2009 22:11:29 +0000 (UTC) Received: by yw-out-1718.google.com with SMTP id 5so1251707ywm.46 for ; Mon, 19 Jan 2009 14:11:28 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:date:from:to:subject :message-id:reply-to:mail-followup-to:references:mime-version :content-type:content-disposition:content-transfer-encoding :in-reply-to:x-operating-system:user-agent; bh=X0FtOlICYZ/VDlek1gkO7/b5+3b9i82lYzHstC/W4qI=; b=QY/xGvLLrGMxH/GpNZbPF/gGsm75EkWVN4JAMKfUon7Ls4fZ5n7X4exVEPOFUiAP8S RMCaswA88A0b2wRo1GbLSPkFHo1L4VvUMqX2rLhoI1/h7JWJqI3lTHTve4gTvUwMvryC q+MfLeBscyI8ddDxx7OFZLQvXOAgt+kVLwNOc= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=date:from:to:subject:message-id:reply-to:mail-followup-to :references:mime-version:content-type:content-disposition :content-transfer-encoding:in-reply-to:x-operating-system:user-agent; b=paj5oLbB3mjEvgBU9G5wDGfQTGQs+o+ZFxQe+X7Zt5FnMBj8jYhsMJysSkELJkd5UY 2aA7H+luTkTAe3Z+2b3e3YzIzVFBvUuN/BlGAw6VxVKXDeddwEsu/3TRNagAjMRSJjDC ScQW+SKglHsypZsomVX0DFtEIA9zgCUyn7eRc= Received: by 10.65.51.16 with SMTP id d16mr1897963qbk.41.1232403088497; Mon, 19 Jan 2009 14:11:28 -0800 (PST) Received: from gmail.com (erasmus.cae.wisc.edu [128.104.196.196]) by mx.google.com with ESMTPS id 27sm10527392qbw.20.2009.01.19.14.11.27 (version=SSLv3 cipher=RC4-MD5); Mon, 19 Jan 2009 14:11:27 -0800 (PST) Date: Mon, 19 Jan 2009 16:11:26 -0600 From: Brian Kroth To: gentoo-hardened@lists.gentoo.org Subject: Re: [gentoo-hardened] Grsecurity / PaX in danger! Message-ID: <20090119221125.GB16609@gmail.com> Mail-Followup-To: gentoo-hardened@lists.gentoo.org References: <6d6452241ca58bcb748d96be52484b52.squirrel@atoth.sote.hu> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-hardened@lists.gentoo.org Reply-to: gentoo-hardened@lists.gentoo.org MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline In-Reply-To: <6d6452241ca58bcb748d96be52484b52.squirrel@atoth.sote.hu> X-Operating-System: Linux 2.6.26-hardened-r2 x86_64 User-Agent: Mutt/1.5.18 (2008-05-17) Content-Transfer-Encoding: quoted-printable X-Archives-Salt: 1070f024-fcf3-4a67-9f69-c01465c2c423 X-Archives-Hash: 067f7c704f3c4625af3d777f3fbd5e40 My ability to keep up on these things comes and goes as I'm sure everyone's does, so I just noticed this: http://lwn.net/Articles/313621/#Comments For those of us who clearly see the benefit of the PaX/Grsecurity patchset, but don't have enough kernel programming knowledge to directly contribute (I'm sure there are many of us out there), I'm curious, what can we do to help ensure (even parts of) the project's survival, either in or out of the mainline kernel? Unfortunately I work for a state facing a major deficit, so sponsorship by my "company" isn't really a possibility, though your idea of NSA sponsorship intrigues me. Has that, or some other form of grant, been pursued? =20 How much "sponsorship" would be required? Would lobbying or other efforts to get certain features ready for mainline kernel inclusion help or does that go against the PaX/Grsecurity teams' wishes? What would those features be? Should users be polled for what they'd like to see attempted first? Is this even the right place to discuss such a proposal? Probably other distros like Debian would be interested in the project's survival as well, however in my experience the gentoo-hardened list has generally been more active than the grsecurity one. For what it's worth I made my donation today. Thanks again, Brian atoth@atoth.sote.hu 2008-12-29 06:22: > While Grsecurity 2.1.12 has been officially released, an alarming messa= ge > has been also included in the announcement. > http://www.grsecurity.net/news.php#grsec2112 > If no sponsors will be found in a few months, Grsecurity can be expecte= d > to become discontinued. >=20 > I encourage every individuals for a small donation (I've already done) = and > companies using the software to consider sponsoring Brad & PaxTeam. >=20 > I personally could donate $10 monthly for keeping the essential, crucia= l > piece of patch alive. If every user could make a small donation the > project could be saved by an effort of the community. >=20 > If I were the US cabinet, I would immediately instruct NSA to save > Grsecurity & PaX. >=20 > Regards, > Dw. > --=20 > dr T=F3th Attila, Radiol=F3gus, 06-20-825-8057, 06-30-5962-962 > Attila Toth MD, Radiologist, +36-20-825-8057, +36-30-5962-962