Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 17 Nov 2015 11:32:38 +0100
From: Richard Weinberger <>
To: "" <>
Subject: Re: 

On Tue, Nov 17, 2015 at 8:41 AM, Daniel Micay <> wrote:
> On 16/11/15 07:13 AM, Richard Weinberger wrote:
>> On Mon, Nov 16, 2015 at 6:33 AM, Daniel Micay <> wrote:
>>> On 15/11/15 03:59 PM, Richard Weinberger wrote:
>>>> On Fri, Nov 13, 2015 at 4:43 PM, west suhanic <> wrote:
>>>>> Hello All:
>>>>> I am a hardened gentoo user. How can we get the grsecurity code into the
>>>>> kernel?
>>>> As soon all downsides and drawbacks are identified/resolved.
>>>> Which basically means that we have to redo a lot (it not all).
>>> You might not be familiar with the grsecurity/PaX features and their
>>> implementations but lots of people are. It's not unexplored territory
>>> without known trade-offs. It has active developers who are happy to
>>> answer questions about it (within reason).
>> I'll kindly ignore this personal attack.
> I didn't mean this as a personal attack. I just found that statement to
> be off i.e. it seems to imply that PaX/grsecurity are low quality and
> that they need to be improved to upstream them, when IMO what really
> needs to happen to just making the features more politically acceptable
> even if it ends up making them harder to implement / less useful.

Well, it is of course not of low quality. Nobody said that.
But some features have a technical burden and performance drawbacks.
These need to be explained in detail and I'm sure there is also room for

Anyway, enough hot air for now. Patches talk, bullshit walks. ;-)


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.