lol, grsecurity went fully closed, probably in an attempt to stop the Kernel Self Protection Project from making it obsolete
4
6
1
22
What innovation has the Kernel Self Protection brought over Grsec/PaX? I don't really see them as competing
1
8
None. It is a feature by feature (partially implemented) rip off, even acknowledged.
1
1
The "innovation" is being upstream, thus protecting everyone rather than, in the past, people who went out of their way to get grsec...
2
1
...moving forward, only big companies who go out of their way AND pay $$$ to get grsec.
1
If you blame Linus for grsec not working with upstream in the past, that's fine by me; I don't know and don't care about the history.
1
But evidently it *is* possible to get stuff upstream now, albeit slower (but also less hackily), slowly decreasing the value add of grsec.
2
Mind you, if RAP were open, I don't think it'd have a hard time being upstreamed as an optional feature - not disruptive like other stuff.
2
Replying to @comex @lazytyped @marcan42
you clearly have no idea what it took to protect linux with RAP. it's the *most* complex feature of PaX by far.

Apr 28, 2017 · 9:14 AM UTC

1
2
Replying to @paxteam @lazytyped @marcan42
I could be mistaken on that point, since of course RAP is closed and I can't inspect it. (Less certainty is why I said "I don't think".)
2
more replies