[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian Hardened project status.

On Sun, 26 Sep 2004 07:22, Lorenzo Hernandez Garcia-Hierro <lorenzo@gnu.org> 
wrote:
> - openssh (i'm working on the patches that bring SecurID Token use
> features, and others from independent hackers)

Most of the features you list are things that are difficult to get into 
Debian/main.  But token based security for openssh is something that seems 
like it could go in without too much pain.  Have you talked to Matthew Vernon 
about this?

> About the kernels...the work is in production state, i've currently
> tested them on some machines , 2 of them are shared environments
> (software-libre.org & ourproject.org) with user chroots, etc.
> I've also did the DHKP, but i'm going to remix it and use instead of the
> current patches (OW and others) the PaX + RSBAC + SELinux mix.

You have RSBAC and SE Linux in the same kernel?  What's the point?

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page
Reply to: