Re: SSP for Debian unstable. was Re: security enhanced debian branch?

To: Steve Kemp <skx@debian.org>
Cc: debian-devel@lists.debian.org
Subject: Re: SSP for Debian unstable. was Re: security enhanced debian branch?
From: Russell Coker <russell@coker.com.au>
Date: Sun, 4 Jan 2004 22:31:40 +1100
Message-id: <[🔎] 200401042231.40765.russell@coker.com.au>
Reply-to: russell@coker.com.au
In-reply-to: <20031219152835.GA23946@steve.org.uk>
References: <200312181128.NAA12752@home.ntrl.net> <200312191154.21945.russell@coker.com.au> <20031219152835.GA23946@steve.org.uk>

On Sat, 20 Dec 2003 02:28, Steve Kemp <skx@debian.org> wrote:
>   OK after the positive comments yesterday I've made an SSP compiled
>  version of GCC for unstable available.

I've just started testing this.  The first thing I noticed is that every SSP 
program you compiled wants to read /dev/urandom.  Is this the only way to 
compile such programs?  Can SSP provide benefits even when /dev/urandom is 
unavailable?

Currently the SE Linux policy prevents most domains from accessing
/dev/*random ...

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page

Reply to:

Follow-Ups:
- Re: SSP for Debian unstable. was Re: security enhanced debian branch?
  - From: Colin Watson <cjwatson@debian.org>
- Re: SSP for Debian unstable. was Re: security enhanced debian branch?
  - From: Steve Kemp <skx@debian.org>

Prev by Date: Re: RFA: A lot of packages
Next by Date: Re: SSP for Debian unstable. was Re: security enhanced debian branch?
Previous by thread: Re: udev and /sys mounting [was: mounting tmpfs (and sysfs) defaultly in sarge?]
Next by thread: Re: SSP for Debian unstable. was Re: security enhanced debian branch?
Index(es):
- Date
- Thread