[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: exec-shield (maybe ITP kernel-patch-exec-shield)

On Fri, Nov 28, 2003 at 12:20:43PM +0100, Peter Busser wrote:
> Hi!
> > > Yes. But I didn't get the impression so far that there are any Debian people
> > > who view it like a benefit. I am still hopeful that I will be proven wrong
> > > about this though.
> > I would use it for sure... I daresay there are plenty of companies out
> > there that would be interested too. I'm slowly pooling ideas to assemble
> > for a debian-enterprise sub-project proposal, and security goals is
> > clearly one area we need to clearly define. I can see PAX fitting into
> > this very well.
> > I have no doubt you will have users, in fact, plenty of users.
> Ok, that is nice to hear. Currently I'm way to busy with RSBAC development for
> Adamantix. When that is more or less ready, I think I have time to create a
> kernel patch package if you (or someone else) can do the Debian paperwork.

Just so we move forward, I have packaged today a kernel-patch-package which 
seems to apply as expected with 'make-kpackage' based on the changes you 
have introduced to the kernel_2.4.21_2.4.21-5 package developed by Herbert 

I've sent the ITP (just in case somebody wants to comment or pre-test it) 
and will upload it soo to an upload queue. 

I guess that the rsbac userspace would need to be included in Debian too in 
order for this patch to be useful for Debian users at all, am I correct? 
I'm going to send also the paxtest package you developed in order for 
people to test PaX (and exec-shield's) functionality and decide for 
themselves. I will first write a manpage for it (as mandated per policy) 



Attachment: signature.asc
Description: Digital signature

Reply to: