Re: Top 5 things that aren't in Debian but should be :-)
On Mon, 12 Jan 2004 20:12, Martin Pitt <firstname.lastname@example.org> wrote:
> It would be nice to provide better proactive system security out of
> the box: e.g. mandatory access control and ACLs
> (grsecurity|SELinux|lids), PaX, all packages compiled with buffer
> overflow protection and a gcc supporting this (like Steve Kemp's gcc).
SE Linux is in 2.6.0 and 2.6.1. Herbert has stated that he will build SE
Linux into 2.6.1 if he has time.
For PaX to be considered we need someone to maintain a kernel-patch-pax
package that contains a patch which applies to a Debian kernel source.
No-one has been willing to do this so far.
Steve Kemp's gcc has been working well for me. I've built kernels and
applications with it and not found any problems. I expect that it will
become a standard feature in Debian's gcc soon.
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page