| 1 |
Hi! |
| 2 |
|
| 3 |
On Fri, May 12, 2017 at 09:10:43PM +0200, "Tóth Attila" wrote: |
| 4 |
> Please take a look at on the reply of PaxTeam postend on the openwall |
| 5 |
> mailing list: |
| 6 |
> http://openwall.com/lists/kernel-hardening/2017/05/11/2 |
| 7 |
|
| 8 |
What's for? It's pointless. Only very few people are really interested |
| 9 |
(i.e. not just curious) in knowing who is paid by which company for doing |
| 10 |
what, who makes more real bugs, and who lies about something. |
| 11 |
|
| 12 |
The important questions about how to keep current level of protection for |
| 13 |
individual/small business users and how users of some distributions like |
| 14 |
Gentoo/Ubuntu/Android can be protected with GrSec/PaX are still unanswered. |
| 15 |
|
| 16 |
While large companies may buy subscription for GrSec/PaX the mentioned |
| 17 |
above categories of users can't (correct me if I'm wrong, please) - so |
| 18 |
effectively the change in GrSec policy makes harm and punish mostly these |
| 19 |
categories of users. If that's real GrSec/PaX goal - it's very sad but |
| 20 |
they probably have rights to do this (except their public reasoning |
| 21 |
doesn't match what they actually do, so probably there are some unsaid |
| 22 |
reasoning exists too), but if it's not their real goal - then they |
| 23 |
probably should provide some options for these categories of users too. |
| 24 |
|
| 25 |
-- |
| 26 |
WBR, Alex. |
Archives