RE: grsecurity: Another one bites the dust...

["Scott Phelps / Dreamwright Studios" <scottp () dreamwright com>]

Ummm, what day is it?


-----Original Message-----
From: full-disclosure-admin () lists netsys com
[mailto:full-disclosure-admin () lists netsys com] On Behalf Of
Glenn_Everhart () bankone com
Sent: Tuesday, April 01, 2003 9:06 AM
To: jeff () xiir net; full-disclosure () lists netsys com
Subject: RE: [Full-disclosure] grsecurity: Another one bites the dust...


Anybody know what the patent claims are?

Some of the descriptions of grsecurity sound an awful lot like
technology I developed for VMS and published in the late 1990s in the
Safety program (still available, free) or documented as trivial
extensions (rate limits).

A brief description of the Safety program is at http://users.rcn.com/gce
in case there is a wish to see what it has in a very limited way. It
assumes the VMS ACL system of course, and some of the other security
goodness in VMS, but gets fairly tricky in other ways.

The rate limiting idea was something I have described as a useful
feature for at least the past 6-7 years and can be found here and there
in my mails and some bits of publications (DECUS sigtapes mainly).

At any rate, it is possibly prior art and publication, and was certainly
released to the public and should be useful in defending claims that
functions it provides could be patented by someone else.

At one time I wanted to sell Safety, but gave up on that and just
published the sources several years ago. The documents had been
published when it was first implemented (along about 1995). 

While there is a bunch of other stuff in grsecurity that is not in
Safety it is probably worth while to keep aware of what has been
published (even in publications that (alas) seem to have narrow
circulation) so that if someone claims patents on some of those
functions, the patents can be disputed.

Glenn Everhart


-----Original Message-----
From: Jeff [mailto:jeff () xiir net]
Sent: Monday, March 31, 2003 10:14 PM
To: full-disclosure () lists netsys com
Subject: [Full-disclosure] grsecurity: Another one bites the dust...


http://www.grsecurity.net

Looks like another big company screwed over a team of innocent
developers. It's a shame, grsecurity had so much promise.

Figures.

-jeff
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


**********************************************************************
This transmission may contain information that is privileged,
confidential and/or exempt from disclosure under applicable law. If you
are not the intended recipient, you are hereby notified that any
disclosure, copying, distribution, or use of the information contained
herein (including any reliance thereon) is STRICTLY PROHIBITED. If you
received this transmission in error, please immediately contact the
sender and destroy the material in its entirety, whether in electronic
or hard copy format. Thank you
**********************************************************************

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html