Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 03 May 2017 14:56:44 -0400
From: Rik van Riel <>
To: Shawn <>, Kees Cook <>
Cc: Mathias Krause <>, Daniel
 Cegiełka <>,
 "" <>
Subject: Re: It looks like there will be no more public
 versions of PaX and Grsec.

On Wed, 2017-05-03 at 12:50 +0800, Shawn wrote:

> The fragmentation of Android eco-system may be inevitable. The whole
> chains is too long from ASOP/BSP/Vendors and it affect the security
> fix being delivered to the end user. According to my own statistic
> from my customers, there will be more than 7 millions of Android
> phone
> will be using some features of PaX/Grsec this year.

That is great news. I am glad to hear the hardening features
are being used on that many phones.

Of course, given the fragmentation of the eco-system, the
only thing that can get the hardening on all of the (new)
phones in the future will be getting the hardening features
into the upstream kernel.

> btw: I share the same view with Mathias Krause and other ppl who
> really concern the real sense of security. I like KSPP in the 1st
> place. But now I lost PaX/Grsecurity test patch. Who should I blame?

I am not sure anyone deserves blame for this situation.

Spender has been doing what is best for his business,
and his work is an important asset for security-minded

Kees and the other KSPP contributors have been doing what
is best for the community, and wide-spread adoption of
hardening functionality.

The important question to ask is "what do we do now?"

I suspect the answer is upstreaming more and more of the
grsecurity functionality, so nobody needs to carry around
that patch any more.

All rights reversed
Download attachment "signature.asc" of type "application/pgp-signature" (474 bytes)

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.