[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1493683745.2530.2.camel@redhat.com>
Date: Mon, 01 May 2017 20:09:05 -0400
From: Rik van Riel <riel@...hat.com>
To: Mathias Krause <minipli@...glemail.com>, Kees Cook
<keescook@...omium.org>
Cc: Daniel Cegiełka <daniel.cegielka@...il.com>,
"kernel-hardening@...ts.openwall.com"
<kernel-hardening@...ts.openwall.com>
Subject: Re: It looks like there will be no more public
versions of PaX and Grsec.
On Tue, 2017-05-02 at 00:01 +0200, Mathias Krause wrote:
> I think the intention of the KSPP is good -- making vanilla Linux
> more
> secure. But the way it does its work harms overall Linux security. It
> does hurt mine, that's for sure!
Yeah, no. The grsecurity people produced patches
that were used on maybe a few tens of thousands
of systems, while the KSPP code will end up
enhancing the security of over a billion Android
devices.
Those Android devices are more likely to require
hardening, too, since they do not receive security
updates as quickly as the systems maintained by
grsecurity users.
Integrating hardening into the upstream kernel is
a good thing for security, not a bad thing.
Powered by blists - more mailing lists
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
