Re: SSP for Debian unstable. was Re: security enhanced debian branch?

To: debian-devel@lists.debian.org
Subject: Re: SSP for Debian unstable. was Re: security enhanced debian branch?
From: Colin Watson <cjwatson@debian.org>
Date: Sun, 4 Jan 2004 11:41:28 +0000
Message-id: <[🔎] 20040104114128.GA13524@riva.ucam.org>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] 200401042231.40765.russell@coker.com.au>
References: <200312181128.NAA12752@home.ntrl.net> <200312191154.21945.russell@coker.com.au> <20031219152835.GA23946@steve.org.uk> <[🔎] 200401042231.40765.russell@coker.com.au>

On Sun, Jan 04, 2004 at 10:31:40PM +1100, Russell Coker wrote:
> On Sat, 20 Dec 2003 02:28, Steve Kemp <skx@debian.org> wrote:
> >   OK after the positive comments yesterday I've made an SSP compiled
> >  version of GCC for unstable available.
> 
> I've just started testing this.  The first thing I noticed is that every SSP 
> program you compiled wants to read /dev/urandom.  Is this the only way to 
> compile such programs?  Can SSP provide benefits even when /dev/urandom is 
> unavailable?
> 
> Currently the SE Linux policy prevents most domains from accessing
> /dev/*random ...

Why on earth prevent programs from accessing /dev/urandom? I don't see
the point.

-- 
Colin Watson                                  [cjwatson@flatline.org.uk]

Reply to:

References:
- Re: SSP for Debian unstable. was Re: security enhanced debian branch?
  - From: Russell Coker <russell@coker.com.au>

Prev by Date: Re: SSP for Debian unstable. was Re: security enhanced debian branch?
Next by Date: Re: SSP for Debian unstable. was Re: security enhanced debian branch?
Previous by thread: Re: SSP for Debian unstable. was Re: security enhanced debian branch?
Next by thread: Re: SSP for Debian unstable. was Re: security enhanced debian branch?
Index(es):
- Date
- Thread