1 |
I really never wanted to send a mail like this but I don't know what |
2 |
else to do. ;/ |
3 |
|
4 |
Due to low positive feedback and user input I'm considering dropping the |
5 |
hardened toolchain and retiring from non commercial proactive security |
6 |
efforts. ie pulling the patches developed that brings you |
7 |
pie/ssp/relro/now/etc.. Doing otherwise I feel would leave you limping |
8 |
along, which I feel would be a disservice to everybody. This motivation |
9 |
stems from bugs that are going unresolved or being improperly fixed and |
10 |
or filtered. I'm not getting the help I/we need from my own team or the |
11 |
user community. This is becoming an overwhelming/stressful job for one |
12 |
person to handle alone on with a user-base this large. |
13 |
|
14 |
If you wish to see the hardened toolchain continue YOU need to step up |
15 |
in the next few weeks and offer help (ie we need 2-3 really good |
16 |
people). |
17 |
|
18 |
Mail me off list for more details if your interested in helping. |
19 |
A fair to strong understanding is needed of entire toolchain process. |
20 |
Desired is somebody(s) that preferably also understands ELF and multi |
21 |
arch assembly that wishes to see the solution developed to it's fullest |
22 |
as per the goals outlined in the PaX documentation. |
23 |
|
24 |
-- |
25 |
Ned Ludd <solar@g.o> |
26 |
Gentoo (hardened,security,infrastructure,embedded,toolchain) Developer |