On Fri, 2003-11-28 at 22:37, Peter Busser wrote: > On Thu, Nov 27, 2003 at 09:40:50PM -0200, Henrique de Moraes Holschuh wrote: > > Adamantix might not earn much from it. I really don't know. What I do know > > is that it worked well for SE Linux. > > Well, if Debian packages work well on PaX and Adamantix keeps using Debian > packages, there is of course a clear benefit for Adamantix. I am not really > sure if Adamantix will keep using Debian packages, because I don't think doing > that meets the requirements needed for a high level of security assurance. For > the short term, this is not a big problem, because Adamantix is not ready to > meet high levels of assurance anyway. But as someone else pointed out already, > the risk for backdoors in important packages is too big in the long run. Debian has many good bits to it - like QA infrastructure. I see a good fit between the projects personally - what we can do to usefully improve security, that is also useful for Adamantix (eg. perhaps debian- enterprise subproject decides to have "security auditing a core set of apps" as deb-ent QA goal), results in double-bonus - for us and for yous (gotta love Aussie gramma!). Where each project can leverage the work of the other, we each become userbase of the other project, and benefit... happy rainbow dew-drop world, yay! Well, somewhere along those lines... Zenaan -- Phone: +61 (0)412 166 990 Homepage: http://homepages.ihug.com.au/~zenaan/ PGP Key: http://homepages.ihug.com.au/~zenaan/zen.asc Please respect this email's confidentiality as sensibly warranted.
Description: This is a digitally signed message part