The Life of a Bad Security Fix

It’s a complicated and really sad story.

On a technical level the grsecurity people are extremely skilled when it comes to security. It would be a win for everyone if they’d contribute to Linux development in a productive way.

Their interaction with the kernel community, and particularly with Linus Torvalds himself, was often dominated by throwing insults at each other. I’m inclined to say that neither side has made any serious attempt to calm this conflict down and come to a reasonable understanding of each other. (There were people who tried that, those people were then themselve the target of insults thrown by grsec…)

The situation we have now is that grsec is doing work mostly closed off, the legality of that is questionable (they’re basically trying to hack the GPL with contractual obligations for their customers).

Thanks to the Courtesy of :

https://www.reddit.com/r/netsec/comments/etopcw/the_life_of_a_bad_security_fix/

Leave a Reply