Re: Debian Hardened project status.
On Sun, 26 Sep 2004 07:22, Lorenzo Hernandez Garcia-Hierro <lorenzo@gnu.org>
wrote:
> - openssh (i'm working on the patches that bring SecurID Token use
> features, and others from independent hackers)
Most of the features you list are things that are difficult to get into
Debian/main. But token based security for openssh is something that seems
like it could go in without too much pain. Have you talked to Matthew Vernon
about this?
> About the kernels...the work is in production state, i've currently
> tested them on some machines , 2 of them are shared environments
> (software-libre.org & ourproject.org) with user chroots, etc.
> I've also did the DHKP, but i'm going to remix it and use instead of the
> current patches (OW and others) the PaX + RSBAC + SELinux mix.
You have RSBAC and SE Linux in the same kernel? What's the point?
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
Reply to: