On Fri, Aug 22, 2003 at 06:35:37PM -0400, Phillip Hofmeister wrote: > On Fri, 22 Aug 2003 at 10:32:27AM -0400, Matt Zimmerman wrote: > > It is often the case that the attacker doesn't know the exact location of > > structures in memory; there are techniques for finding out. I'm sure that > > the authors of PaX do not misrepresent it as complete protection. > > > > It's pointless to argue about it; it's clear that PaX provides some value in > > protection against security vulnerabilities, and I think it's also clear > > that because it will break many existing applications, it is not suitable > > for use by default. But there is no reason why a PaX-enabled kernel could > > not be provided as an option. All it needs is someone willing to do the > > work (hint, hint). > > I would be willing to maintain a grsec kernel image with PaX and temp. > file symlink blocking if someone would be willing to sponsor it (hint, > hint)
Does anyone know when a grsec patch set will be available for 2.6.0t3 or know of one updated to work with 2.4.22rc2? Yeah, I know, they are still experimental...
