[ubuntu-hardened] list introductions
kees at ubuntu.com
Wed Oct 31 05:15:52 GMT 2007
On Tue, Oct 30, 2007 at 11:55:45PM -0400, Daniel Guido wrote:
> I'm an Information Security student from NYC and I'd really like it if
> we started talking more about gcc, PaX, grsec and encrypted storage
> and less about SELinux. If I see something happening that I feel I can
I've recently been trying to coordinate some toolchain hardening work
with Debian. It's a pretty central change to how builds happen for
My hope is to get developers testing the hardening-wrapper tested
during Hardy so that we can enable it for the builds in Hardy+1. At the
same time, I'd like to try to identify various packages that need to
have patches sent upstream to fix various things like accidentally
leaving their stack executable in from-asm objects linked to their
executables. There are some of these bugs already filed.
I'd like to try to break the grsec patches up logically and add /proc
runtime toggles for them. That might make them more interesting to the
upstream kernel folks. The symlink and hardlink protections are
especially interesting, though they will need wide testing -- they are
reported to break some applications, but I haven't yet found any details
on which and if they can be changed.
> contribute to, I will chime in and help. I can't start or manage any
> projects, college just takes too much time.
If the executable stack bugs are interesting to you, I'd love to see them
solved. No need to manage a whole project. :)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: Digital signature
Url : https://lists.ubuntu.com/archives/ubuntu-hardened/attachments/20071030/73a79ed7/attachment.pgp
More information about the ubuntu-hardened