1 |
On Sat, 29 Apr 2017 17:56:10 +0200 |
2 |
Daniel Cegiełka <daniel.cegielka@×××××.com> wrote: |
3 |
|
4 |
> By the way, I don't know what the Gentoo Hardened or Alpine Linux |
5 |
> have done wrong, that now are left out in the cold. |
6 |
|
7 |
That's the part I don't get either. Since the only possible motivation |
8 |
I can think of for this move is to generate more income, they could've |
9 |
at least tried asking the community for donations first. |
10 |
|
11 |
Now, I suppose someone is going to answer "If you'd be willing do |
12 |
regularily donate to them, you might as well get a subscription", but I |
13 |
fear this might have some serious drawbacks. In the past years, |
14 |
the Gentoo Hardened devs have invested quite some work to make sure |
15 |
most applications in the tree work on grsec/PaX-enabled kernels without |
16 |
too much fallout. But now, there's suddently a lot less motivation to |
17 |
keep up this work. |
18 |
|
19 |
> Instead of complaining, we have to decide what to do next. In my |
20 |
> opinion, it is critical to maintain support for PaX* for future |
21 |
> kernels. It will not be easy, so I'm right away saying that Gentoo |
22 |
> Hardened, Alpine Linux etc. should join forces in realizing this |
23 |
> project. I think there will be more people who will be interested |
24 |
> in... |
25 |
|
26 |
It might be hard to come up with the manpower needed to maintain such a |
27 |
large kernel patch. Assuming upstream stand by their decision in |
28 |
the long run, I think the only reasonable long-term approach would be to |
29 |
try mainlining as much as possible and forget about the rest. And as |
30 |
Brad and PaX Team can surely tell us, that'd be a gargantuan task if it |
31 |
is at all possible. |
32 |
|
33 |
Regards, |
34 |
Luis |