| 1 |
On 2021-06-23 08:43, Matt Turner wrote: |
| 2 |
> On Tue, Jun 22, 2021 at 3:19 PM Thomas Deutschmann <whissi@g.o> wrote: |
| 3 |
>> The PaX community in Gentoo is still big and active. |
| 4 |
>> |
| 5 |
>> Many Gentoo users received free access to upstream sources or became |
| 6 |
>> paying customers. |
| 7 |
>> |
| 8 |
>> It's just not available for everyone for free/without registration |
| 9 |
>> anymore. But it is still a thing in Gentoo. |
| 10 |
> |
| 11 |
> Can you substantiate that claim? |
| 12 |
|
| 13 |
I am probably not the right person to answer that, given that I was |
| 14 |
never active in Gentoo's hardened/PaX project but let me try: When I got |
| 15 |
in touch with that stuff (via Debian) and was looking for help, I always |
| 16 |
run into a community full of helpful Gentoo users. |
| 17 |
|
| 18 |
The project itself always had a very good connection with the Gentoo |
| 19 |
project. Before they stopped providing unrestricted access, the Gentoo |
| 20 |
PaX/hardened community was around ~30 *active* people with additional |
| 21 |
~40-60 changing people hanging around which I believe is a lot for such |
| 22 |
a niche. |
| 23 |
|
| 24 |
That's why upstream also mentioned Gentoo in |
| 25 |
https://grsecurity.net/passing_the_baton.php. |
| 26 |
|
| 27 |
Regarding numbers: I am not sure what you are expecting. All I can tell |
| 28 |
you is that people who were active, interested and probably known to |
| 29 |
upstream had the chance to get free access for their personal use (there |
| 30 |
was even an offer for Gentoo infrastructure...). I don't know how many |
| 31 |
are still using Gentoo. |
| 32 |
|
| 33 |
|
| 34 |
> There was a pax-kernel USE flag on Mesa and I don't recall anyone |
| 35 |
> saying a word when I removed it. |
| 36 |
|
| 37 |
As you probably know, I am not a Linux desktop user (yet). My complete |
| 38 |
experience with that PaX stuff is limited to servers. |
| 39 |
|
| 40 |
|
| 41 |
> If there are paying customers that have PaX kernels, perhaps they'd be |
| 42 |
> interested in providing some support for Gentoo if we're being asked |
| 43 |
> to retain support for something we cannot test. |
| 44 |
|
| 45 |
Yeah, would be nice to hear something from Gentoo hardened project at |
| 46 |
all (I am looking at you, mschiff, zorry or blueness ;)). I think |
| 47 |
slashbeast could also provide more information. |
| 48 |
|
| 49 |
I still remember when I reworked firefox/thunderbird ebuild and broke |
| 50 |
PaX marking there (https://bugs.gentoo.org/756679). So yes, we have at |
| 51 |
least some users ;-) |
| 52 |
|
| 53 |
|
| 54 |
-- |
| 55 |
Regards, |
| 56 |
Thomas Deutschmann / Gentoo Linux Developer |
| 57 |
fpr: C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 |
Archives