Plans to integrate PAX into the kernel mainline ?

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.

Plans to integrate PAX into the kernel mainline ?

Postby zmau » Wed May 07, 2014 6:07 am

Hi

I was wondering, What are the plans to integrate PAX into the kernel mainline ?


thanks
zmau
zmau
 
Posts: 3
Joined: Tue Apr 29, 2014 11:32 am

Re: Plans to integrate PAX into the kernel mainline ?

Postby mikeeusa2 » Fri May 09, 2014 5:50 pm

No, and you wouldn't want them to.

KUDEv or some sort of thing that's been created by the great people that brought you pulseaudio and now pulseaudio for init will probably be accepted.

As it was explained to me in an article I read: The kernel maintainers are idiots when it comes to security, they are also uninterested, some contacts in the linux world work for the governments which would rather systems continue to be easily penetrated so that they can control the men within their societies, whom they own.
mikeeusa2
 
Posts: 60
Joined: Thu May 15, 2008 1:54 am

Re: Plans to integrate PAX into the kernel mainline ?

Postby debrouxl » Sun May 11, 2014 6:06 am

I think that there's a middle ground between the current situation (PaX + grsecurity being an out of tree patch of nearly 4 MB, sadly used by only a small minority of users, despite its crystal clear usefulness) and full integration of PaX + grsecurity into mainline Linux.
With enough time, programming knowledge, motivation, it is possible to move hunks of PaX / grsecurity into mainline Linux (even if mainline isn't necessarily receptive). Once in a while, someone upstreams several hunks: for instance, in April, minipli moved three hunks of PaX (constifying ipc_ops structures used for msgget/semget/shmget) to mainline (for now, linux-next).

This is not meant as a criticism of the way spender / "PaX Team" / ephox work. It's understandable they want to focus on improving the features of PaX / grsecurity, rather than spend time trying to deal with mainline's security standards and integration process. I feel that we'd all be better of if more of us (yup, I'm including myself in the pack) spent time upstreaming some PaX / grsecurity bits, so that more people can benefit from them.
debrouxl
 
Posts: 2
Joined: Sun May 11, 2014 4:25 am

Re: Plans to integrate PAX into the kernel mainline ?

Postby zmau » Sun May 11, 2014 1:28 pm

Hi!
Can you post a link to that article ?

BTW, if I understand you correctly, what you are saying is
1) I would want PAX to be integrated into the kernel mainline.
2) The kernel maintainers would not do it.

Thanks
zmau
 
Posts: 3
Joined: Tue Apr 29, 2014 11:32 am


Return to grsecurity support