Hi,
the short answer is: Probably not.
The long answer is: Yes, it will certainly have an impact on the security of many Linux-based systems. IPFire is only one of them.
The technical issue for us will be that kernel updates won't be as easy for us since we will need to make work that is usually done in the grsecurity project. Frankly we do not have the expertise for that. Even if we had we would have the time and it won't make sense to do the same work multiple times.
I find that this is a great loss for the free software world. If all free software projects see themselves forced to remove their code from "the market" there would not be much left. We all fight the same issues here, since our software is used by companies which make lots of money out of it and do development work based on IPFire but do not give anything back.
The grsecurity case is a very severe case though.
Sure it is free software in the end and we all wouldn't do free software if we didn't know this from the beginning. We do not expect money from every single user, because other things are even more important. But at the end of the day money is needed to run the project. If someone is paying that from their own pocket and an other one is making the huge profit, something is *clearly* wrong.
Therefore I can personally understand Brad and the PaX team very well and I understand that they see this is a threat to their name and future work.
So we dearly *hope* that this entire dispute can be settled and Brad is not forced to make the stable patches only available for the "sponsors" which are paying customers then. This will be a huge loss for IPFire and all its users as well as many other projects that rely on grsecurity.
Hope this answers your question.
Best, -Michael
On Thu, 2015-08-27 at 14:42 -0400, William Pechter wrote:
Important Notice Regarding Public Availability of StablePatches https://www.grsecurity.net/index.php#
Due to continued violations by several companies in the embedded industry of grsecurity^® 's trademark and registered copyrights, effective September 9th 2015 stable patches of grsecurity will be permanently unavailable to the general public. *For more information, read the full announcement. https://www.grsecurity.net/announce.php
https://www.grsecurity.net/announce.php