Not trying to add fuel to the fire here, but I just got a hold of the private versions of PaX/grsec (one version is a few months before & the other a few months after my work). In the later version the executable .rodata issue is fixed. I was told it was a 'known' 'non-issue'.
Better fix those non “issues”. 🤣 Nothing like trash talk and then sneakily go and fix them. Super ethical behavior for sure!
Anyone in the practical field of security understands fixing non-/low priority issues purely because of a public that doesn't understand threat models. For example: seclists.org/oss-sec/2020/q and the resulting response by distros
The public cares about what is discussed, but the expert knows about what is possible. If you truly think an attack requiring both CAP_SYS_ADMIN and a separate kernel mem corruption vuln is important, you know nothing about the Linux kernel - but I guess you approved that thesis?
I don't think you are familiar with the academic process. I do not "approve" a thesis, I supervise a thesis. The thesis is approved or not, by an external expert in a public defense.
You are playing with semantics. You certainly do approve the thesis, because you approve the topic, and you approve the student to defend in front of the committee. I'm assuming you were on the committee too, correct?



