Thanks to everyone involved in the Gentoo Hardened project, especially Spender and Pax Guy, for the effort and guidance throughout the years. The anecdotes shared in this thread echo my own experiences to a degree, and I've learned a lot about computer security by trying to get the grsec RBAC system fully functional.
It's saddening to read the news today, and also to read that article in The Guardian; makes me really wish I'd been much more involved with this stuff. I donated a small amount, long ago, and always felt a sense of pride seeing my name on the grsec website. Here's to (not) getting rewted! On Apr 29, 2017 4:34 PM, Tóth Attila <at...@atoth.sote.hu> wrote: > 2017.Április 29.(Szo) 20:43 időpontban Daniel Cegiełka ezt írta: > >> That's the part I don't get either. Since the only possible motivation > >> I can think of for this move is to generate more income, they could've > >> at least tried asking the community for donations first. > > > > It's more complex: > > > > https://www.theregister.co.uk/2015/08/27/grsecurity/ > > > > I don't judge them. I'm interested in the future of projects that were > > heavily dependent on PaX (Gentoo Hardened, Alpine Linux). > > I also have concernes about the future of Gentoo Hardened userspace. > Security initiatives drew my attention 15+ years ago, when Adamantix was > alive. After discontinuation of the project I've discovered Gentoo > Hardened as something providing a remedy for security-aware refugees. Over > the years I get used to the infrastructure of Daniel Robbins' Gentoo and > experienced the benefits of the rolling release nature of the distro and > all those simple compile time tools provides to the power users. > When you go hardened, you cant stop it. > I wish Hardened Gentoo survives and continue to exist for long. > > >> Now, I suppose someone is going to answer "If you'd be willing do > >> regularily donate to them, you might as well get a subscription", but I > >> fear this might have some serious drawbacks. In the past years, > >> the Gentoo Hardened devs have invested quite some work to make sure > >> most applications in the tree work on grsec/PaX-enabled kernels without > >> too much fallout. But now, there's suddently a lot less motivation to > >> keep up this work. > > Personal subscription was my first idea. I've made several small donations > for the past decade. However a small fee equivalent to an antivirus > software subsription or an Android app has an effect if there are enough > people in the community. My guess is a project like grsecurity won't > really depend on some individual users. Individuals of the community are > suffering collateral damage currently. > > > Ned Lud (or Solar, but != Designer) has put a lot of work into the > > launch of Gentoo Hardened and, of course, the popularization of PaX. > > Old times.. :) > > Yes, Ned Ludd. > > > This means that there will be conflicts in the future. I don't claim > > that maintaining PaX support will be easy, but it's possible to do so. > > I believe the community and grsecurity will find a solution soon. Hardened > Gentoo provided a basis for test patches. > I understand the developers of grsecurity getting fed up by legal issues > and having a lack of time dealing with problems they don't want to spend > their resources on. I hope there will be a good solution for every > benevolent parties involved. > > Dwokfur > > >
