Announcing security hardened kernels for testing
Gustavo Franco
gustavorfranco at gmail.com
Tue Jan 4 10:47:24 CST 2005
On Tue, 4 Jan 2005 16:57:51 +0100, Markus Kolb <ubuntu-ml at tower-net.de> wrote:
> Martin Pitt wrote on Tue, Jan 04, 2005 at 16:16:55 +0100:
> > Hello to all security addicts out there!
>
> [...]
> > - Some programs (most notably X.org and OpenOffice.org) still rely on
> > executing writeable memory, so the PaX protection has to be
> > disabled for them. You have to install the "chpax" package and
> > execute the following commands before everything will work:
> >
>
> Any ideas how long the list of "some" programs might be?
>
> I could get bad experience some time ago.
>
Not really long, the main stuff that is on your Ubuntu might work. I
heard that under heavy load you can see some random problems but i've
used PaX for some time on mid load servers without breaks so your
desktop should be ok (really).
Add on the list: Java (jvm, of course not in main) and Wine (universe).
Hope that helps,
Gustavo Franco -- <stratus at acm.org>
More information about the ubuntu-devel
mailing list