Linux infosec outfit does a Torvalds, rageblocks innocent vuln spotter

An open source security firm has blocked a security researcher who reported flaws in a recently issued patch in an apparent fit of pique.

Hector Martin took to Twitter on Tuesday to note a trivial crashing vulnerability in a recently issued patch by Grsecurity.

“I literally crashed my box by pasting a bunch of text into a terminal, due to a really sad bug in the patch,” Martin said.

This is the fail in the @grsecurity patch. How did this pass review? ... a security patchset has code review, right? pic.twitter.com/gincZXdQrU

— Hector Martin (@marcan42) April 25, 2016

In response, Grsecurity acknowledged the issue, which it said would be fixed in the next release. At the same time it blocked Martin on both Twitter and by IP address.

“The proper fix (aka not yours, Mr. High Horse Captain Obvious) will be in the next patch, but good luck obtaining it,” Grsecurity snarkily responded.

That grsecurity Tweet in full

Grsecurity also blocked anyone who liked or retweeted Martin's tweet, a reaction that’s unsurprisingly already spawned a lively discussion thread on Reddit.

Developers later said a new patch was available, so top marks for reaction time but demerits for diplomatic fines.

“New test patch up with improved protection against irrelevant infosec anklebiters,” Grsecurity later Tweeted.

Grsecurity’s technology is designed to provide security enhancement to the Linux kernel. ®