[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: exec-shield (maybe ITP kernel-patch-exec-shield)

On Fri, 2003-11-28 at 22:20, Peter Busser wrote:
> > I have no doubt you will have users, in fact, plenty of users.
> Ok, that is nice to hear. Currently I'm way to busy with RSBAC development for
> Adamantix. When that is more or less ready, I think I have time to create a
> kernel patch package if you (or someone else) can do the Debian paperwork.

I or someone will get back in contact with you - at least as part of
debian-enterprise subproject it will take a little while to gather
interest, define goals and user target base, etc. Again, this is Debian,
and particularly for "the enterprise", but for Debian in general, we
usually don't go rushing stuff.

I hope to be a DD within the next half year or so myself - and we'll see
what the level of interest is for an enterprise focus in Debian
hopefully sooner than later.

> I would think that the recent break-in should be convincing enough that you
> can't simply ignore security or downplay the importance. Of all products

I don't think any of us 'ignore' security - perhaps some users do. They
probably won't be interested in our enterprise stuff, but many will I

> available today, PaX is by far the best. It is also better than OpenBSD's W^X.
> That it breaks stuff is mostly FUD.

You might be right. Security might in fact be critical for
'enterprises'. I suspect that a good contingent of this sub project will
be sys admins within the enterprises, so they will have front line
experience and desire for security.

> > Debian values, specifically as per its constituion, its users. Secure by
> > default is a great goal, and one that we may get ever closer to, yet
> > there are other goals for users, like stability, not breaking current
> > installs with upgrades, etc.
> That is why there are different distributions, so that people have a choice.

Absolutely. For some, the highest level of security is necesseary *right
now*. Adamantix would be good fit for them (if they don't want to hassle
with endless custom compiling and possible mistakes by themselves).

I look forward to Debian reaching where it can provide that level (at
least for those users who want it). I'd actually be surprised if people
objected to such work being done in fact - we all want a better (=more
secure, faster, more stable, more...) system.

> you target enterprises. Feel free to contact me when you start to work on your
> enterprise project.

Thank you, I will do so. That should be within the next three or four
months, possibly sooner.


Phone: +61 (0)412 166 990
Homepage: http://homepages.ihug.com.au/~zenaan/
PGP Key: http://homepages.ihug.com.au/~zenaan/zen.asc
Please respect this email's confidentiality as sensibly warranted.

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to: