Re: Grsecurity is about to be discontinued, unless...
[Posted January 7, 2009 by jake]
| From: |
| Linus Torvalds <torvalds-AT-linux-foundation.org> |
| To: |
| Gabor MICSKO <gmicsko-AT-gmail.com> |
| Subject: |
| Re: Grsecurity is about to be discontinued, unless... |
| Date: |
| Sat, 3 Jan 2009 12:16:50 -0800 (PST) |
| Message-ID: |
| <alpine.LFD.2.00.0901031210260.3179@localhost.localdomain> |
| Cc: |
| akpm-AT-linux-foundation.org, linux-kernel-AT-vger.kernel.org |
| Archive‑link: | |
Article |
On Sat, 3 Jan 2009, Gabor MICSKO wrote:
>
> In short, I would like to know what is your answer to this request. And
> in the case if you see no chance for the integration, I would like to
> know what is the reason behind this decision.
Quite frankly, historically the patches have been a mis-match of
- some sane stuff
- lots of totally insane and very annoying and invasive code.
an example of the second class is the totally idiotic "emulate NX bit -
badly - with code segment limits" kind of patches. These kinds of patches
only add unmaintainable crap that isn't even relevant in the long run, and
thus any sane maintainer (me) should refuse to take them.
The apparent inability (and perhaps more importantly - total
unwillingless) from the PaX team to be able to see what makes sense in a
long-term general kernel and what does not, and split things up and try to
push the sensible things up (and know which things are too ugly or too
specialized to make sense), caused many PaX features to never be merged.
Much of it did get merged over the years (mostly because some people spent
the time to separate things out), but no, we're not going to suddenly
start merging code like that just because the project is in trouble. None
of the basic issues have been solved.
Linus
