[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: exec-shield (maybe ITP kernel-patch-exec-shield)

On Fri, 2003-11-28 at 22:37, Peter Busser wrote:
> On Thu, Nov 27, 2003 at 09:40:50PM -0200, Henrique de Moraes Holschuh wrote:
> > Adamantix might not earn much from it.  I really don't know. What I do know
> > is that it worked well for SE Linux.
> Well, if Debian packages work well on PaX and Adamantix keeps using Debian
> packages, there is of course a clear benefit for Adamantix. I am not really
> sure if Adamantix will keep using Debian packages, because I don't think doing
> that meets the requirements needed for a high level of security assurance. For
> the short term, this is not a big problem, because Adamantix is not ready to
> meet high levels of assurance anyway. But as someone else pointed out already,
> the risk for backdoors in important packages is too big in the long run.

Debian has many good bits to it - like QA infrastructure. I see a good
fit between the projects personally - what we can do to usefully improve
security, that is also useful for Adamantix (eg. perhaps debian-
enterprise subproject decides to have "security auditing a core set of
apps" as deb-ent QA goal), results in double-bonus - for us and for yous
(gotta love Aussie gramma!).

Where each project can leverage the work of the other, we each become
userbase of the other project, and benefit... happy rainbow dew-drop
world, yay!

Well, somewhere along those lines...


Phone: +61 (0)412 166 990
Homepage: http://homepages.ihug.com.au/~zenaan/
PGP Key: http://homepages.ihug.com.au/~zenaan/zen.asc
Please respect this email's confidentiality as sensibly warranted.

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to: