[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: jessie release goals

Another thing: Hardening already has been a release goal but there
still are packages around without.

After having seen the proctetion catching a programming bug I think
more importance should be put on that, either by considering all
packages rc-buggy that should be built with hardening wrappers but are
not - or at least packages providing code that, in some sort of order:

* has the setsuid set,
* usually/regulary runs as root,
* is a daemon.

Also, debhelper 9 has eased usage of hardening wrappers as lot so a
major excuse not to add them is now void.


Reply to: