grsecurity forums

[darko]

(...)For this and other reasons, PaX will be terminated on 1st April, 2005, a fitting date... (...)

It was with great surprise that I read the announcement by the PaX team. Your work has been no less than amazing, and for that I can't thank you enough. In a period where many vendors seem to take security lightly, deploying half-assed solutions like DEP and ExecShield, you have managed to make a difference by showing that you truly care about security.

So ok... You've found a major vulnerabilty in the code, I can't honestly believe that you'll leave such a great project for that reason, mistakes happen, moreover the code is provided as is, no guarantees, you don't owe anything to anyone. And to be honest, now I trust you even more. After the last advisory, you've showed that you really really care...

But well, I'm aware that my words won't make you change your mind. I just want to thank you, one last time, for this excellent project.

Best of luck,
JP

[Shapemaker]

(...)For this and other reasons, PaX will be terminated on 1st April, 2005, a fitting date... (...)

It was with great surprise that I read the announcement by the PaX team. Your work has been no less than amazing, and for that I can't thank you enough. In a period where many vendors seem to take security lightly, deploying half-assed solutions like DEP and ExecShield, you have managed to make a difference by showing that you truly care about security.

So ok... You've found a major vulnerabilty in the code, I can't honestly believe that you'll leave such a great project for that reason, mistakes happen, moreover the code is provided as is, no guarantees, you don't owe anything to anyone. And to be honest, now I trust you even more. After the last advisory, you've showed that you really really care...

But well, I'm aware that my words won't make you change your mind. I just want to thank you, one last time, for this excellent project.

What the hell? What is this?

Where did you get that information? I can't believe it! This must be a very bad 1st April joke...

[nordom]

http://www.addict3d.org/index.php?page= ... ty&ID=3418

[PaX Team]

Is it true?

yes, although given the lack of offers for future maintenance, i don't yet know what to do, it's not what i expected for sure and may very well force me to find some other solution. we'll see at the end of the month.

[Skywind]

Is it true?

yes, although given the lack of offers for future maintenance, i don't yet know what to do, it's not what i expected for sure and may very well force me to find some other solution. we'll see at the end of the month.

Today is 3/30, is the PaX will be terminated?

[tuxq]

Is this some sick ass April fools joke? --it's not even April yet!
Everyone fscks up. At least you didn't fsck up like OpenBSD ...January of this year, a flaw was found in their tcp stack--if a packet with a malformed timestamp was sent, it'd crash that sob. ....Now that's a fsck up.

[tuxq]

A side note... if I'm on a Linux without grsec, I feel uneasy-- like something is missing. I know GRSEC isn't the cure-all, but it's a damn good precautionary measure. Don't let your fans down :\

[Skywind]

Did anyone knows the status of this now?

[PaX Team]

Did anyone knows the status of this now?

i do , since noone took over the project in the end, i'll do minimal maintenance on 2.2 and 2.4. the fate of the 2.6 version is in question, i definitely won't be following every release.

[ixion]

doesn't not using SEGMEXEC or RANDEXEC solve (workaround) the vulnerability or am I way off here?

[PaX Team]

doesn't not using SEGMEXEC or RANDEXEC solve (workaround) the vulnerability or am I way off here?

it does but why not use the fixed versions instead?

[ixion]

doesn't not using SEGMEXEC or RANDEXEC solve (workaround) the vulnerability or am I way off here?

it does but why not use the fixed versions instead?

terribly sorry, I didn't realize it was fixed.. I should've researched a bit more..

cheers!