
Re: Q: CDDing a heavily patching project (LFS based)



On Fri, Jul 23, 2004 at 03:23:34PM +0200, C. Gatzemeier wrote:
> - simply add stack-smashing protection to Debian 
>   (patch glibc+gcc+kernel)

Well, you could ask the respective maintainers to include the patches in
the source package and make them activate when e.g. an environment
variable is set (I believe the gcc package already ships one of those
security packages, although it's not applied by default).

> - is there a Debian http package that does not include every single
>   module for Apache that we're not interested in?

As long as we're talking about one extra package, that would be alright
I guess. There are a lot of httpd's in Debian, httpd-hardened (or
whatever) would be ok (even more so if it's supposed to be
stripped-down).

> - strip Debian with all necessary packages down to under 100MB ?
>   (that includes ADSL firmware, all software, cgi's, langs, etc.)
> - patch pppd with a patch because it doesn't work with a certain type
>   of DSL modem (same goes for at least 10 other packages)?

1. ADSL firmware is a grey-black area right now. Those would have to go
into non-free or are not distributable at all currently. Dunno how one
could integrate those nicely, but Debian as a whole needs to find a
solution here eventually.

2. Stripping down should be possible to a certain extent, by hacking
debootstrap, d-i, et al.


Michael


