|
Message-ID: <1493837804.20270.10.camel@redhat.com>
Date: Wed, 03 May 2017 14:56:44 -0400
From: Rik van Riel <riel@...hat.com>
To: Shawn <citypw@...il.com>, Kees Cook <keescook@...omium.org>
Cc: Mathias Krause <minipli@...glemail.com>, Daniel
Cegiełka <daniel.cegielka@...il.com>,
"kernel-hardening@...ts.openwall.com" <kernel-hardening@...ts.openwall.com>
Subject: Re: It looks like there will be no more public
versions of PaX and Grsec.
On Wed, 2017-05-03 at 12:50 +0800, Shawn wrote:
> The fragmentation of Android eco-system may be inevitable. The whole
> chains is too long from ASOP/BSP/Vendors and it affect the security
> fix being delivered to the end user. According to my own statistic
> from my customers, there will be more than 7 millions of Android
> phone
> will be using some features of PaX/Grsec this year.
That is great news. I am glad to hear the hardening features
are being used on that many phones.
Of course, given the fragmentation of the eco-system, the
only thing that can get the hardening on all of the (new)
phones in the future will be getting the hardening features
into the upstream kernel.
> btw: I share the same view with Mathias Krause and other ppl who
> really concern the real sense of security. I like KSPP in the 1st
> place. But now I lost PaX/Grsecurity test patch. Who should I blame?
I am not sure anyone deserves blame for this situation.
Spender has been doing what is best for his business,
and his work is an important asset for security-minded
people.
Kees and the other KSPP contributors have been doing what
is best for the community, and wide-spread adoption of
hardening functionality.
The important question to ask is "what do we do now?"
I suspect the answer is upstreaming more and more of the
grsecurity functionality, so nobody needs to carry around
that patch any more.
--
All rights reversed
Download attachment "signature.asc" of type "application/pgp-signature" (474 bytes)
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.