Re: Is this Grsecurity patch issue going to harm IPFire going forward?

[Michael Tremer <michael.tremer@ipfire.org>]

[-- Attachment #1: Type: text/plain, Size: 2359 bytes --]

Hi,

the short answer is: Probably not.

The long answer is: Yes, it will certainly have an impact on the
security of many Linux-based systems. IPFire is only one of them.

The technical issue for us will be that kernel updates won't be as easy
for us since we will need to make work that is usually done in the
grsecurity project. Frankly we do not have the expertise for that. Even
if we had we would have the time and it won't make sense to do the same
work multiple times.

I find that this is a great loss for the free software world. If all
free software projects see themselves forced to remove their code from
"the market" there would not be much left. We all fight the same issues
here, since our software is used by companies which make lots of money
out of it and do development work based on IPFire but do not give
anything back.

The grsecurity case is a very severe case though.

Sure it is free software in the end and we all wouldn't do free
software if we didn't know this from the beginning. We do not expect
money from every single user, because other things are even more
important. But at the end of the day money is needed to run the
project. If someone is paying that from their own pocket and an other
one is making the huge profit, something is *clearly* wrong.

Therefore I can personally understand Brad and the PaX team very well
and I understand that they see this is a threat to their name and
future work.

So we dearly *hope* that this entire dispute can be settled and Brad is
not forced to make the stable patches only available for the "sponsors"
which are paying customers then. This will be a huge loss for IPFire
and all its users as well as many other projects that rely on
grsecurity.

Hope this answers your question.

Best,
-Michael

On Thu, 2015-08-27 at 14:42 -0400, William Pechter wrote:
>       Important Notice Regarding Public Availability of Stable
> Patches
>       <https://www.grsecurity.net/index.php#>
> 
> Due to continued violations by several companies in the embedded
> industry of grsecurity^® 's trademark and registered copyrights,
> effective September 9th 2015 stable patches of grsecurity will be
> permanently unavailable to the general public. *For more information,
> read the full announcement. <https://www.grsecurity.net/announce.php>
> 
> https://www.grsecurity.net/announce.php
> *
> 

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 819 bytes --]