Re: "How to recognise different ETCH wishlists from quite a long way away" (revised)
On Fri, Jul 08, 2005 at 02:33:12PM +0200, Javier Fernández-Sanguino Peña wrote:
> - Encrypted root/swap on the d-i installation.
I'm planning to work on this- probably during the next few weeks. I hope
to also get together with Wesley Terpstra and talk about how we can make
the framework usable for both loop-AES and dm-crypt based setups.
> [ Security improvements ]
> - Proper source code audit by maintainers to detect stupid security
> bugs (/tmp/XX.?? anyone?) Recurrent things like #306893 appear all
> too often. Automatic source code audit ala lintian.debian.org?
I'd be happy to help with this effort.
A first step could be to make the lintian.d.o scripts run on a lintian.d
style directory of scripts, if that sounds reasonable to the people who
run that service (Josip Rodin?). That would make it pretty easy to build
lists of privileged files, plug in source code scanners, greps for /tmp/
and everything else we can come up with.