[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: PaX on Debian

On Mon, 26 Jul 2004 13:48, John Richard Moser <nigelenki@comcast.net> wrote:
> | Before we can even start thinking about PaX on Debian we need to find a
> | maintainer for the kernel patch who will package new versions of the
> | patch which apply to the Debian kernel source tree.  We have had a few
> Are you talking PaX or grsecurity?  PaX is significantly less invasive
> than grsecurity.  There will still be issues, of course.

PaX.  AFAIK the only PaX kernel-patch package in Debian is the Adamantix 
kernel source, which has RSBAC and a bunch of other stuff, and the GRSec 
patch.  Neither of them apply to the Debian kernel source tree.

> Where would I see debian's 2.6.7 source tree?  I'm not a deb user,
> remember, so I'll need a tarball or something.


> | We have recently discussed this on at least one of the lists you
> | posted to.
> | The end result of the discussion is that GCC is getting another SSP type
> | technology known as "mudflap".  Mudflap depends on some major new
> | features of
> | GCC 3.5, so it looks like we won't be getting this until GCC 3.5 as the
> | Debian GCC people don't want to merge in other patches which have no
> | apparent chance of being included upstream.
> Then don't use ProPolice/SSP for now.

That seems to be what will happen.  I'd rather see SSP included sooner, but I 
guess it won't happen.

http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page

Reply to: