Re: 2.6 freeze and grsecurity

From: Barry K. Nathan
Date: Sat Oct 18 2003 - 10:08:48 EST

Next message: Thomas Giese: "2.6.0-test8-microcode"
Previous message: koala: "Mohammed Al-Foudari's ThinkGeek.com Wish List!"
In reply to: John R Moser: "2.6 freeze and grsecurity"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, Oct 18, 2003 at 02:36:27AM -0400, John R Moser wrote:
> Is there any plan to impliment grsecurity into the final 2.6 release
> before all the tests are finished and the thing is frozen totally? I

IMO a change this huge (and potentially controversial, see below) would
have needed to happen back in 2.5.x. Since that's in the past now, I
think it'll have to wait for 2.7.x.

[snip]
> countermeasures. That is my understanding of PaX, grsecurity, and
> seLinux in a nutshell.

PaX has competition:
http://people.redhat.com/mingo/exec-shield/

The pros and cons of ExecShield and PaX would need to be compared before
either one can be incorporated into the mainline kernel.

> Due to this "kill the problem at its source" approach to executable

I would argue that grsec doesn't "kill the problem at its source", but
rather mitigates things when it's already too late to kill the problem
at its source. IMO "kill[ing] the problem at its source" requires fixing
programs to be non-exploitable.

Grsec certainly provides additional security, but I don't think we
should hype it too much either.

> security bugs, I think that grsec belongs in 2.6's core distribution, if
> possible. As far as I know, there is no 2.6 patch for grsecurity, but
> I'd at least feel better knowing that Linus (and the other guy, who's
> name escapes me right now) would at least consider allowing grsec to make
> its way to the core distribution of the kernel even if a 2.6 patch
> doesn't make it out until a few revisions in. The generic security

Adding grsec after 2.6 is released would be absolutely *ludicrous* IMO.
I think if it's going to go into the mainline kernel it needs the kind
of scrutiny and testing that would be best provided by inclusion in
2.7.

> increase is something that nobody can really argue with, although other
> issues like the sudden strange inclusion of a whole new section in the
> kernel for a revision may provide the other side of the argument.

I think "the other side of the argument" completely kills the idea for
now...

> GRsec is in no way all-powerful, but I really feel safer with it.

As do I, but I don't want to see anything like the 2.4 VM debacle
happen again in 2.6...

-Barry K. Nathan <barryn@xxxxxxxxx>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Thomas Giese: "2.6.0-test8-microcode"
Previous message: koala: "Mohammed Al-Foudari's ThinkGeek.com Wish List!"
In reply to: John R Moser: "2.6 freeze and grsecurity"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]