On Fri, Dec 19, 2003 at 01:03:17PM +0100, Peter Busser wrote: > > I'd be interested in hearing what the Adamantix people believed to be > > a reasonable approach for merging stuff back - but it does seem that > > they should be the people to write the plan, after all they know what > > they're working on - whereas outside Debian developers don't! > > Ok, maybe we can write such a plan together? I mean, sure, I know what is > being worked on in Adamantix. That is simple technical stuff. But I hardly know (...) Ok. How about this (for the kernel changes): 1.- Upload packages for the kernel changes provided by Adamantix in a kernel-patch-adamantix (DONE, sitting in NEW at the moment, and will be included as soon as ftp-admins get around to do it) 2.- Upload the paxtest suite so people can test PaX-enabled kernels and Exec-shield enabled kernels (DONE, same as above) 3.- Upload the rsbac utilities (DONE, same as above) 4.- Ask base-passwd to provide a 'debian-sec' (security officer) for consistency between 1) and 3) in order to have a stable UID (not done) 5.- Upload sample RSBAC policies, rsbac-secpolicy and rsbac-adamantix are good candidates here (not uploaded, but I have packages built locally and I'm waiting for rsbac-adamantix to stabilise and would also like to audit the code, i.e. rsbacinit there) 6.- Have users test PaX-enabled kernels and RSBAC-enabled kernels. 7.- Fix bugs and contribute upstream those that belong there. 8.- Consider providing kernel-image packages with 6 enabled by default that could be used in a standard installation of Debian. How does it sound? Of course the SSP stuff can run in parallel, I'll leave Steve that. Javi
Attachment:
signature.asc
Description: Digital signature