[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Top 5 things that aren't in Debian but should be :-)


On 2004-01-12  6:23 +1030, Dan Shearer wrote:
> So what, in your opinion, are the technologies (or significant packages)
> which should be in Debian but are not? 
It would be nice to provide better proactive system security out of
the box: e.g. mandatory access control and ACLs
(grsecurity|SELinux|lids), PaX, all packages compiled with buffer
overflow protection and a gcc supporting this (like Steve Kemp's gcc).

All of this is of course possible in Debian, but it would be great if
it were both properly integrated and would come along "out of the

> And why do you think they are not?

AFAICS because it would require every package to come along with a
proper ACL policy and had to be rebuilt and because it (most
certainly) will trigger many new bugs and break 3rd party software.

I know that this is quite hard to achieve, but IF it was achieved,
then this would be a big advantage in the mainstream distros (apart
from smaller projects like Adamantix etc.).

I wish you a successful talk and a nice day!


Martin Pitt                 Debian GNU/Linux Developer
martin@piware.de                      mpitt@debian.org
http://www.piware.de             http://www.debian.org

Reply to: