Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp2194838imu; Thu, 24 Jan 2019 08:41:42 -0800 (PST) X-Google-Smtp-Source: ALg8bN76SqHcAqv04OzgIZ8f314GFM2YM1dFOqGjHNHVDZGbk1al247qxe//d7BRgdt8+/QmUWnV X-Received: by 2002:a65:4904:: with SMTP id p4mr6621172pgs.384.1548348102321; Thu, 24 Jan 2019 08:41:42 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1548348102; cv=none; d=google.com; s=arc-20160816; b=ZMNEFykgj2zpsvyAV+Ko1SZ5bDDmKpFRsVNw4aLlUuyWsZIErbqED861b0bjX0tgvs 6ezQrlMxTtI7jTE2dDfUexDkadQ5mgy9YFt8CQYhfNQCInno47YKJ0jVFiDAKMWM3Gwm FG2835wJ0UIxJpohi+nYbleLtTHq8eBiy/ckKMSqz7gwybvbl+EQxerLRptLFywoHgtf RHoqPSqZtIZ1I9wgE4/WmHaDkLkgpnI256ft8hwjYMWmWUlmmlLs628VvEGmeCmHfREY uou44He7NgEyIdyocgCVoobQ0U/WeN3pPEUNzsFoHHbDOVmSbzrd/s2B0UMCMeSSzGZu /MkA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:message-id:references :in-reply-to:subject:cc:to:from:date:content-transfer-encoding :dkim-signature:mime-version; bh=nr56L68jt/bHcgtSOj4u1H0Y+1cbVJA6eI+u4YFivH4=; b=eqIe+9Qb5g284b1UXoeZi73rrZrykt4GZsPuzIH5ojjIfdZJsfRpN6TFpomIzpfpBF MET8VRs/ee05s5KxfEPJGDjbWuQo1v/rHP5tsLpBDBUcSDqFmyYW7I1xvpeevLfzSC65 pQwQNbtLLVs3JyYw8U3JEJkEGwHOrdFisKi6bjk+5xukjZBuLNTbnATTsfSYAFqEr5xw Wjabk+KFHv1Y6bFMXWG34k6HMiKGgt4a1paBwvnUh9hkhCcSz08Tx5obh9UmPhVfG2VA XZswXiqUgA24xF2AkX8XzjYvaU/2qcGyFbjN9Vhgy75WaBSfvgc1DUrv+g8XO9DMOarE K1/A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redchan.it header.s=mail header.b="hxju/3My"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f18si21753317pgl.457.2019.01.24.08.41.26; Thu, 24 Jan 2019 08:41:42 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@redchan.it header.s=mail header.b="hxju/3My"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728653AbfAXQkm (ORCPT + 99 others); Thu, 24 Jan 2019 11:40:42 -0500 Received: from cock.li ([185.100.85.212]:36038 "EHLO cock.li" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727658AbfAXQkm (ORCPT ); Thu, 24 Jan 2019 11:40:42 -0500 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on cock.li X-Spam-Level: X-Spam-Status: No, score=-0.1 required=5.0 tests=BAYES_40,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,NO_RECEIVED,NO_RELAYS shortcircuit=_SCTYPE_ autolearn=disabled version=3.4.2 MIME-Version: 1.0 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=redchan.it; s=mail; t=1548348038; bh=nr56L68jt/bHcgtSOj4u1H0Y+1cbVJA6eI+u4YFivH4=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=hxju/3Myygw8xm0QfhCmFDO5tafnwttQO2QEMefxHF/TCwJ1ImWrmvZuOMwagitCc atRZJuvVeXikdGmd5cB8+BioOpU3aJ0fNHwy9rZihsXdFFzB6HFDfg5+eHXRXWMNOs SQqRPAApJU1g/i/exed7TQHqXT1AgZfRRDhBpDeN5bdtrBusXqdG8YbX2wNvwmbhI/ M3QV7l/t4vD6ZaSKPoCrg0FVbt3IStk246T7XONB03d5pZPMsT8N0dtLSRnJKMcMpB XkyTbJ4WPdCZOPv5ApcXU3TJmuivRKeGSid7cNt7Kr+EARkD0MkDp9qkRJghFIFlms tbBojGOz4FA8w== Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit Date: Thu, 24 Jan 2019 16:40:37 +0000 From: linuxgpletc@redchan.it To: "Enrico Weigelt, metux IT consult" Cc: Ivan Ivanov , Linux Kernel Mailing List , gentoo-user@lists.gentoo.org, freebsd-chat@freebsd.org, misc@openbsd.org, rms@gnu.org Subject: Fwd: Re: GRSec is vital to Linux security In-Reply-To: <3efc6268-747d-0841-4249-5804fa9095ca@metux.net> References: <3efc6268-747d-0841-4249-5804fa9095ca@metux.net> Message-ID: X-Sender: linuxgpletc@redchan.it User-Agent: Roundcube Webmail/1.3.6 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org -------- Original Message -------- Subject: Re: GRSec is vital to Linux security Date: 2019-01-24 16:25 From: Boris Lukashev To: linuxgpletc@redchan.it You've never heard of VMware, I take it? Its a proprietary half Linux which beats GPL suits with strong arm tactics and technicalities. Unlike grsec, they don't distribute any source, because it's proof of theft... Grsecs back port work is also public, since they're public upstream patches or mailing list patches, the GCC plugins are the real magic... Those aren't as GPL as the kernel, rap is patented, respectre likely will be as well. The critical code changes they need (per CPU PGD, for one) will not be accepted as Linus has "said so." Those code bits are out there... Also, doesn't matter if their patch leaks for the most part (4.4 just did get leaked a few weeks back), as I wrote before, nobody really has the time or skill available to maintain at their level of quality... Linux might be free, but it's not something that should be run in production when there's data or resource at stake. Is the thought process that they should open up their commercial stable code for free to all? Because RHEL has the same "don't leak" policy on RHEL sources too... VMware even goes so far as to blatantly claim not to use Linux. How about Google's internal Linux? GPL is dead (has been for 20y), build the strongest defenses you can with whatever code you can get and prove, because your adversaries won't care about which license clause their tooling adheres to. Boris Lukashev Systems Architect Semper Victus -------- Original Message -------- From: linuxgpletc@redchan.it Sent: Wednesday, January 23, 2019 05:35 PM To: bruce@perens.com Subject: Re: GRSec is vital to Linux security CC: moglen@columbia.edu,bkuhn@sfconservancy.org,compliance@sfconservancy.org,blukashev@sempervictus.com,tcallawa@redhat.com,torvalds@osdl.org