Re: PaX on Debian
On Mon, 26 Jul 2004 13:48, John Richard Moser <email@example.com> wrote:
> | Before we can even start thinking about PaX on Debian we need to find a
> | maintainer for the kernel patch who will package new versions of the
> | patch which apply to the Debian kernel source tree. We have had a few
> Are you talking PaX or grsecurity? PaX is significantly less invasive
> than grsecurity. There will still be issues, of course.
PaX. AFAIK the only PaX kernel-patch package in Debian is the Adamantix
kernel source, which has RSBAC and a bunch of other stuff, and the GRSec
patch. Neither of them apply to the Debian kernel source tree.
> Where would I see debian's 2.6.7 source tree? I'm not a deb user,
> remember, so I'll need a tarball or something.
> | We have recently discussed this on at least one of the lists you
> | posted to.
> | The end result of the discussion is that GCC is getting another SSP type
> | technology known as "mudflap". Mudflap depends on some major new
> | features of
> | GCC 3.5, so it looks like we won't be getting this until GCC 3.5 as the
> | Debian GCC people don't want to merge in other patches which have no
> | apparent chance of being included upstream.
> Then don't use ProPolice/SSP for now.
That seems to be what will happen. I'd rather see SSP included sooner, but I
guess it won't happen.
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page