Re: Opinion about linux-grsec in a stable release
On Wed, Mar 02, 2016 at 09:01:34PM +0100, Yves-Alexis Perez wrote:
> On mer., 2016-03-02 at 20:06 +0100, Moritz Muehlenhoff wrote:
> > Before considering that, did anyone approch grsecurity whether we can get
> > access to the grsecurity stable patches? We would most definitely have Debian
> > funds to become grsecurity sponsors to obtain access to stable patches.
>
> I think that'd be something nice anyway, but…
> >
> > Whether that's possible/desirable by grsecurity is the question, though:
> > Having the stable patches in Debian would make them available to the
> > general public (including those sleazy embedded companies which made them
> > change their distribution scheme).
>
> Indeed, I didn't even bother to ask because when you gain access to the stable
> patches, you commit yourself to not make them available publicly, which is
> obviously exactly what we would do.
It's the release team's call, but IMO unless upstream changes their policy to
allow public access to stable patches again, this seems rather like a case
for a PPA or possibly backports (but they generally require backports from
what is in testing).
Cheers,
Moritz
Reply to: