LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 04-27-2017, 10:29 AM   #1
BratPit
Member
 
Registered: Jan 2011
Posts: 237

Rep: Reputation: 85
The end of a certain age of grsec


https://grsecurity.net/passing_the_baton.php

Pity for non commercial users like slackers.

Last edited by BratPit; 04-27-2017 at 10:31 AM.
 
Old 04-27-2017, 10:35 AM   #2
orbea
Senior Member
 
Registered: Feb 2015
Distribution: Slackware64-current
Posts: 1,629

Rep: Reputation: Disabled
It only confirms what I long suspected, the grsec developers care more about personal profit than linux security.
 
6 members found this post helpful.
Old 04-27-2017, 08:02 PM   #3
mralk3
Senior Member
 
Registered: May 2015
Location: Utah, USA
Distribution: Slackware 14.2 || Slackware-current && CentOS
Posts: 1,372

Rep: Reputation: 736Reputation: 736Reputation: 736Reputation: 736Reputation: 736Reputation: 736Reputation: 736
What do you guys plan to use instead of grsec?
 
Old 04-28-2017, 04:08 AM   #4
orbea
Senior Member
 
Registered: Feb 2015
Distribution: Slackware64-current
Posts: 1,629

Rep: Reputation: Disabled
To be honest while I found the idea of a hardened kernel appealing and grsec seemed the best option, but even then the developer attitudes repelled me. In retrospect I guess that was for the best. Now I am interested if either the hardened gentoo or alpine linux communities can continue to move forward.
 
Old 04-28-2017, 07:46 AM   #5
BratPit
Member
 
Registered: Jan 2011
Posts: 237

Original Poster
Rep: Reputation: 85
Quote:
Originally Posted by mralk3 View Post
What do you guys plan to use instead of grsec?
There is no such good complex security of "ring 0" in linux.
Nobody think about it seriously. There is some "barriers" to prevent get in ring 0 like AppArmor or Selinux but they not prevent exploitation and barrier breaks.

https://grsecurity.net/compare.php

Ring 0 is the basis to think about security in Linux IMHO.
Some elements of grsec ideas in recent kernels introduce Kees Cook because protection default kernel is not the best.

Last edited by BratPit; 04-28-2017 at 07:59 AM.
 
Old 04-28-2017, 08:13 AM   #6
syg00
LQ Veteran
 
Registered: Aug 2003
Location: Australia
Distribution: Lots ...
Posts: 17,820

Rep: Reputation: 2830Reputation: 2830Reputation: 2830Reputation: 2830Reputation: 2830Reputation: 2830Reputation: 2830Reputation: 2830Reputation: 2830Reputation: 2830Reputation: 2830
Seems like you are making a case for the commercialisation of the project ...

These things happen.
Often.
 
Old 04-28-2017, 08:22 AM   #7
BratPit
Member
 
Registered: Jan 2011
Posts: 237

Original Poster
Rep: Reputation: 85
Quote:
Originally Posted by syg00 View Post
Seems like you are making a case for the commercialisation of the project ...

These things happen.
Often.
Yup.
Some things are ending.Linux too.I hope not but like I see comercial already knows how to fight with community taking everything giving little or nothing.
 
Old 04-29-2017, 04:39 AM   #8
Jjanel
Member
 
Registered: Jun 2016
Distribution: any&all, in VBox; Ol'UnixCLI; NO GUI resources
Posts: 999
Blog Entries: 12

Rep: Reputation: 360Reputation: 360Reputation: 360Reputation: 360
fyi: LONG discussion (&more links) here: http://news.ycombinator.com/item?id=14202421

RE: #4: I just 'discovered' AlpineLinux, so I wonder too. Also DevilLinux
http://wikipedia.org/wiki/Grsecurity mentions Alpine.

Last edited by Jjanel; 04-29-2017 at 04:49 AM.
 
Old 04-29-2017, 08:06 AM   #9
1337_powerslacker
Member
 
Registered: Nov 2009
Distribution: Slackware64-current
Posts: 727
Blog Entries: 1

Rep: Reputation: 473Reputation: 473Reputation: 473Reputation: 473Reputation: 473
Quote:
Originally Posted by BratPit View Post
Yup.
Some things are ending.Linux too.I hope not but like I see comercial already knows how to fight with community taking everything giving little or nothing.
Commercial companies have always been like that; greed is a part of how they operate. Linux arose despite that, and people will always find a way to deploy Linux at their companies and personally. Corporate greed won't kill Linux.
 
Old 04-29-2017, 09:28 AM   #10
igadoter
Senior Member
 
Registered: Sep 2006
Location: wroclaw, poland
Distribution: many, primary Slackware
Posts: 1,273
Blog Entries: 1

Rep: Reputation: Disabled
I would rather say: thank you for your sixteenth years of well done job for Linux. I wish the best, hope enterprise will be successful, this is good when other see you can earn honestly some money with Linux. For those who really care about security, there is no question pay or not to pay. It is being done what is necessary. All the best. And please do not listen, all those complaining: they are simply jealous.
 
1 members found this post helpful.
Old 04-29-2017, 10:21 AM   #11
montagdude
Senior Member
 
Registered: Apr 2016
Distribution: Slackware
Posts: 1,489

Rep: Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110
We're all really fortunate that there are so many people who pour years of their lives to developing great software that they provide at no cost at all. But this is a blessing, not a right. The developers are the IP owners of the software they create, and they are free to license it as they choose. It's not "greedy" to do so, but it is rather entitled to demand they provide it free of charge.

My 2 cents, though I expect it is not a very popular viewpoint.
 
Old 04-29-2017, 11:00 AM   #12
Turbocapitalist
Senior Member
 
Registered: Apr 2005
Distribution: Linux Mint, Devuan, OpenBSD
Posts: 3,954
Blog Entries: 3

Rep: Reputation: 1885Reputation: 1885Reputation: 1885Reputation: 1885Reputation: 1885Reputation: 1885Reputation: 1885Reputation: 1885Reputation: 1885Reputation: 1885Reputation: 1885
Quote:
Originally Posted by montagdude View Post
The developers are the IP owners of the software they create, and they are free to license it as they choose.
Only if by "IP" you mean copyright then, yes, you are spot on. Their code, their choice of license.

If by "IP" you mean software patents, and if Grsecurity is located in the US where software, algorithms, and business methods are patented, then no, odds are someone else controls many or all of the patents. For that they are not free to license it as they choose.

Anyway, here is a blog post at hardenedlinux about why Gresecurity made the licensing change:
 
Old 04-29-2017, 11:51 AM   #13
montagdude
Senior Member
 
Registered: Apr 2016
Distribution: Slackware
Posts: 1,489

Rep: Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110Reputation: 1110
Quote:
Originally Posted by Turbocapitalist View Post
Only if by "IP" you mean copyright then, yes, you are spot on. Their code, their choice of license.

If by "IP" you mean software patents, and if Grsecurity is located in the US where software, algorithms, and business methods are patented, then no, odds are someone else controls many or all of the patents. For that they are not free to license it as they choose.

Anyway, here is a blog post at hardenedlinux about why Gresecurity made the licensing change:
I meant copyrights. I should have said they are free to license as they choose, provided it is legal.
 
Old 04-29-2017, 02:44 PM   #14
orbea
Senior Member
 
Registered: Feb 2015
Distribution: Slackware64-current
Posts: 1,629

Rep: Reputation: Disabled
While its okay for grsec to charge money for their code, its not okay for them to put their customers under threat of retaliation if the code is then shared with someone else.
 
Old 05-11-2017, 06:22 AM   #15
cynwulf
Senior Member
 
Registered: Apr 2005
Posts: 2,265
Blog Entries: 5

Rep: Reputation: 1463Reputation: 1463Reputation: 1463Reputation: 1463Reputation: 1463Reputation: 1463Reputation: 1463Reputation: 1463Reputation: 1463Reputation: 1463
This is a long, sad history, involving the clash of personalities and a considerable degree of bitterness (involving Torvalds, spender and others) leading to the current situation today.

While I can understand PaX/grsec making their patches private, after well over a decade of putting them out for free and being largely undervalued by Torvalds and others [as "security people"], KSPP was probably the final insult, though I have to say that spender's attitude and "we did it first!" approach has been a large contributing factor.

As some have commented, this might be the "kick" which will spawn other people/projects to start working on Linux kernel security. Some of the multi-billion dollar corporations who fund, use and profit from the Linux kernel might want to make a start on this or pour in some investment.

//edit: http://undeadly.org/cgi?action=artic...20160527203200

This was an article last year when OpenBSD began implementing W^X. If you read the comments you'll see that PaX team jump in immediately to ensure the reader knows they got there first. I have to agree with some of the comments, in that PaX/grsec was never going to make headway in it's current form as it's not really being widely used and not really being implemented correctly in distributions which offer it. Recent events won't really help in it's adoption.

Last edited by cynwulf; 05-12-2017 at 05:00 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Automatically building grsec-patched kernel (grsec-slackware) drgibbon Slackware 9 02-20-2017 06:25 PM
Native "Age of Empires II : The Age of Kings PC" without WINE Xeratul Linux - Games 15 12-29-2013 12:11 PM
2.4.31 + grsec on AlphaServer Teukka Debian 1 11-12-2005 05:15 PM
Can't get Age of Empires II: Age of Kings started (I've could it before !!!) vegetassj2 Linux - Games 44 08-28-2005 04:59 PM
Grsec configuration? hlozo Mandriva 2 05-08-2004 10:55 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 03:44 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration