Would be nice if more information on these exploits were provided, such as would a GrSecurity reinforced sandbox (or SELinux sandbox for that matter) for Chromium have stopped the exploit from gaining a shell, or the OpenBSD priv separation of X
Do they release the exploits after patching? I want to run unpatched versions on said above configurations or at least be able to read the code to see if it's yet another javascript problem.
These exploits usually target browsers running on Windows, which until recently did not have ASLR or DEP enabled by default (and still doesn't in the case of some browser plugins). Many Linux distros like Debian or Ubuntu have had RELRO, SSP, PIE, and ASLR enabled by default for browsers for a few years now. PaX and Grsecurity would indeed protect against all of these exploits -- up until one or two years ago. These newest exploits are way out of my league, and I don't know if anything could stop their authors.
Do they release the exploits after patching? I want to run unpatched versions on said above configurations or at least be able to read the code to see if it's yet another javascript problem.