[ubuntu-hardened] roadmap

[Kees Cook]

On Tue, Oct 30, 2007 at 06:52:23PM -0700, gaten wrote:
> OK, time to put your tin=foil hats on for a moment, bare with me. Any
> journaling filesystem is bad if you're interested in making deleted
> files as hard to recover as possible. Yes, I understand ext3 is a good
> fs and is pretty much the standard nowadays,  but would we really be on
> a SELinux mailing list if we weren't just a little bit crazy and
> paranoid? I don't know enough about the other fs's you mentioned to know
> if they are journaled, but perhaps its something to consider.

As a quick aside, this isn't strictly an SELinux mailing list.  I'd like
to certainly discuss SELinux here, but I'd also like to discuss
AppArmor, toolchain hardening, ASLR, fscaps, and any other distro-wide
security protections people would like to spend time working on.  :)

That said, I'd like to stay with topics that make sense for the ethos of
Ubuntu, keeping ease-of-use and freedom in mind.

During the "Server Security" discussion at UDS, we generated[1] a list of
possible ideas to work on, and I think it may be helpful to attempt to
prioritize them, and see who has time/interest to work on them.

-Kees

[1] https://wiki.ubuntu.com/HardyServerSecurity

-- 
Kees Cook
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : https://lists.ubuntu.com/archives/ubuntu-hardened/attachments/20071030/2ce9835b/attachment.pgp