If grsecurity is so great, why isn't the patches it does included in all kernels?
Linux - GeneralThis Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I don't, but I love to troll and I actually knows what I'm talking about.
I saw this thread on Twitter and I wasn't able to resist the urge of making fun of you guys.
You clearly do not understand a lot of concepts (e.g. The comment about security not being the kernel's job)
But anyway, you made a bunch of us laugh, and I thank you for that, next time, please do your research and try to understand the fuss about grsec licensing, and features and why kernel's security is important
@MensaWater: our code is free software but not every version is distributed to the whole world. this is not different from Red Hat giving away their kernel patches to paying customers only (and terminate their support contract if they redistribute them).
@Rinndalir: we can't have complained about getting our code upstream since we never tried let alone wanted to. one reason is that the cost/benefit of doing that is simply too high for a free time project like ours (yes, this is our hobby project, not something we've been doing for a living). regarding the reasons for stopping public distribution of one of our patch series, it's a legal matter (trademark violation by one entity and copyright violations by several others) and we chose what was the best compromise between shutting down the entire project and letting the violators get away with their actions. as for speculating about Linus' view on kernel security, how about his own words:
Quote:
"The only real solution to security is to admit that bugs happen," Torvalds said, "and then mitigate them by having multiple layers, so if you have a hole in one component, the next layer will catch the issue."
you can read the rest at www dot eweek dot com slash enterprise-apps slash linus-torvalds-talks-linux-security-at-linuxcon.html . guess what our work is all about? exploit prevention/mitigation! it took many years for kernel developers to understand the importance of such work but these days it's happenning via the kernel self-protection project (kernsec dot org slash wiki slash index.php Kernel_Self_Protection_Project).
eh, and where exactly is "yourselves" ridiculing "themselves"?
there's no actual hard info in this twitter thing (just like in this thread), and it petered out after a few bs comments (which this thread should do, too)(*).
it does, however, seem that "grsecurity" (if that twitter user actually represents grsecurity) are intent on using opinion to their advantage.
Quote:
Originally Posted by tsulivan
I don't, but I love to troll and I actually knows what I'm talking about.
I saw this thread on Twitter and I wasn't able to resist the urge of making fun of you guys.
You clearly do not understand a lot of concepts (e.g. The comment about security not being the kernel's job)
But anyway, you made a bunch of us laugh, and I thank you for that, next time, please do your research and try to understand the fuss about grsec licensing, and features and why kernel's security is important
you guys? us?
tsulivan is making it sound like it's "LQ vs. Grsecurity". which it isn't.
but who am i to criticize you, since you clearly "knows what I'm talking about."
Quote:
Originally Posted by tsulivan
The rest of us who understand what we're talking about and the ones making fun of you (You know ? That twitter link I posted !)
You're right, no need to embarrass yourself even more...
the rest of who?
making fun of you? there's the ominous "Us vs Them" again.
... and these are the only 3 posts ever made by user tsulivan.
very embarrassing, if you ask me.
but each and everyone, make up your own mind.
there's no actual hard info in this twitter thing (just like in this thread),
if the information i posted isn't hard enough for you then please explain what else you need.
Quote:
Originally Posted by ondoho
it does, however, seem that "grsecurity" (if that twitter user actually represents grsecurity)
if you had only taken a look at the grsecurity homepage you wouldn't have had to speculate... tip: the 'news' item around the top left corner.
Quote:
Originally Posted by ondoho
[grsecurity] are intent on using opinion to their advantage.
it's somewhat ironic that for all the wild speculations you guys have shown here you have yet to back up a single statement of yours with actual facts.
if you had only taken a look at the grsecurity homepage you wouldn't have had to speculate...
Agree. Especially the more senior members should know better than to voice opinions without valid basis. BTW there's been nearly 1K posts mention Grsec since 2001 and spender has posted here too.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.