1 |
On 2021-06-23 08:43, Matt Turner wrote: |
2 |
> On Tue, Jun 22, 2021 at 3:19 PM Thomas Deutschmann <whissi@g.o> wrote: |
3 |
>> The PaX community in Gentoo is still big and active. |
4 |
>> |
5 |
>> Many Gentoo users received free access to upstream sources or became |
6 |
>> paying customers. |
7 |
>> |
8 |
>> It's just not available for everyone for free/without registration |
9 |
>> anymore. But it is still a thing in Gentoo. |
10 |
> |
11 |
> Can you substantiate that claim? |
12 |
|
13 |
I am probably not the right person to answer that, given that I was |
14 |
never active in Gentoo's hardened/PaX project but let me try: When I got |
15 |
in touch with that stuff (via Debian) and was looking for help, I always |
16 |
run into a community full of helpful Gentoo users. |
17 |
|
18 |
The project itself always had a very good connection with the Gentoo |
19 |
project. Before they stopped providing unrestricted access, the Gentoo |
20 |
PaX/hardened community was around ~30 *active* people with additional |
21 |
~40-60 changing people hanging around which I believe is a lot for such |
22 |
a niche. |
23 |
|
24 |
That's why upstream also mentioned Gentoo in |
25 |
https://grsecurity.net/passing_the_baton.php. |
26 |
|
27 |
Regarding numbers: I am not sure what you are expecting. All I can tell |
28 |
you is that people who were active, interested and probably known to |
29 |
upstream had the chance to get free access for their personal use (there |
30 |
was even an offer for Gentoo infrastructure...). I don't know how many |
31 |
are still using Gentoo. |
32 |
|
33 |
|
34 |
> There was a pax-kernel USE flag on Mesa and I don't recall anyone |
35 |
> saying a word when I removed it. |
36 |
|
37 |
As you probably know, I am not a Linux desktop user (yet). My complete |
38 |
experience with that PaX stuff is limited to servers. |
39 |
|
40 |
|
41 |
> If there are paying customers that have PaX kernels, perhaps they'd be |
42 |
> interested in providing some support for Gentoo if we're being asked |
43 |
> to retain support for something we cannot test. |
44 |
|
45 |
Yeah, would be nice to hear something from Gentoo hardened project at |
46 |
all (I am looking at you, mschiff, zorry or blueness ;)). I think |
47 |
slashbeast could also provide more information. |
48 |
|
49 |
I still remember when I reworked firefox/thunderbird ebuild and broke |
50 |
PaX marking there (https://bugs.gentoo.org/756679). So yes, we have at |
51 |
least some users ;-) |
52 |
|
53 |
|
54 |
-- |
55 |
Regards, |
56 |
Thomas Deutschmann / Gentoo Linux Developer |
57 |
fpr: C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 |