status of introducing security mechanisms in Debian

To: debian-security@lists.debian.org
Subject: status of introducing security mechanisms in Debian
From: mircan@poczta.onet.pl
Date: Tue, 8 Feb 2011 13:33:12 +0100
Message-id: <[🔎] AANLkTi=+m+qnO2w2AbkNfFPueOaF3jA4OhgfPRfW35G0@mail.gmail.com>

Hi,
I'm writing with reference to security test performed by MWR Labs last
year. To avoid writing too much I'll just give links to the articles
describing the tests:
http://labs.mwrinfosecurity.com/notices/security_mechanisms_in_linux_environment__part_1___userspace_memory_protection/
http://labs.mwrinfosecurity.com/notices/assessing_the_tux_strength_part_2_into_the_kernel/
As stated in the articles in Debian Lenny there were very little of
available security mechanisms of the Linux environment included. I
just wanted to know what is the status of this in Squeeze and also
rise a release goal for Wheezy to enable some pro-active security
mechanisms mentioned in the articles. For example, I guess enabling
PIE in iceweasel, other web browsers and network daemons is worth
taking into consideration. I know my point is extremely general, I
just hope to start a discussion about this topic.
Thanks,
Marcin

Reply to:

Follow-Ups:
- Re: status of introducing security mechanisms in Debian
  - From: Kees Cook <kees@debian.org>
- Re: status of introducing security mechanisms in Debian
  - From: bertagaz@ptitcanardnoir.org

Prev by Date: Some obsolete packages in squeeze-security
Next by Date: Re: status of introducing security mechanisms in Debian
Previous by thread: Some obsolete packages in squeeze-security
Next by thread: Re: status of introducing security mechanisms in Debian
Index(es):
- Date
- Thread