Well, let's add a bit of nuance to that picture, in Hector's own words:
"grsecurity is a security-oriented patch set for the Linux kernel. It includes a rather temperamental compiler plugin that tries to detect integer truncation and overflow bugs. Unfortunately, it often reports false positives, and such reports crash all or part of your kernel (paranoia, security before uptime).
One such false positive in the Linux TTY layer can be triggered by writing a bunch of data into a TTY at once. This can be done using the above command (script allocates a pseudo TTY), or simply by pasting a bunch of text into a terminal window (how I originally found it).
Another user hit this first, and reported it. The grsecurity devs tried to fix it (work around the false positive) by changing the type of a bunch of variables from int (signed 32-bit) to size_t (unsigned 64-bit on 64-bit machines). Unfortunately, the code very obviously has the variable going negative under some circumstances, so the patch, instead of fixing the false positive, actually introduced a real integer underflow bug, that was caught by the compiler plugin (now no longer a false positive!), and the kernel still crashed. Worse, if you build without the plugin enabled, the code is now subtly broken.
I then hit the bug, figured out what happened, reported it, and found it ridiculous so I tweeted it. They should've never let that patch go in without effective review and testing."
(Source: https://www.reddit.com/r/programming/comments/4gn0dr/hector_martin_on_t…)
Basically, what bothers me is that they turned a false positive into a real bug, and not a small one. The other thing is that it would have caused half as much fuss if they hadn't overreacted. If they want to present the image of a professional team, then you don't ban and block the person, you send him a crate of beer.
--
"I still have 2 kB left. I'll put a TCP-IP stack and a boot logo in it."
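An added example, not part of the original comment and not the kernel's TTY code or the grsecurity patch: a constructed C sketch of the bug class the quote describes, where a counter that legitimately goes negative is retyped from `int` to `size_t`. The function names and the `limit`/`used`/`reserve` parameters are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model: a buffer of `limit` bytes, `used` bytes queued,
 * `reserve` bytes held back. Hypothetical names, not kernel code. */

/* Signed original: the intermediate may go negative and is clamped. */
static size_t room_signed(int limit, int used, int reserve)
{
    int left = limit - used - reserve;   /* negative when over-committed */
    if (left < 0)
        left = 0;
    return (size_t)left;
}

/* After a mechanical int -> size_t retype: the subtraction wraps modulo
 * 2^N, and a "left < 0" clamp would be dead code, so it is gone. */
static size_t room_unsigned(size_t limit, size_t used, size_t reserve)
{
    size_t left = limit - used - reserve; /* wraps to a huge value */
    return left;
}

/* Unsigned-safe form: compare before subtracting, so nothing wraps. */
static size_t room_checked(size_t limit, size_t used, size_t reserve)
{
    if (used >= limit || reserve >= limit - used)
        return 0;
    return limit - used - reserve;
}

int main(void)
{
    /* Constructed input: 96 bytes free, 128 held back -> over-committed. */
    printf("signed:   %zu\n", room_signed(4096, 4000, 128));
    printf("unsigned: %zu\n", room_unsigned(4096, 4000, 128));
    printf("checked:  %zu\n", room_checked(4096, 4000, 128));
    return 0;
}
```

With the over-committed input, the retyped version reports nearly `SIZE_MAX` bytes of room instead of zero, which is the kind of wrap an overflow-detection plugin flags and which silently corrupts length arithmetic when no such check is compiled in.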