status of introducing security mechanisms in Debian
Hi,
I'm writing with reference to security test performed by MWR Labs last
year. To avoid writing too much I'll just give links to the articles
describing the tests:
http://labs.mwrinfosecurity.com/notices/security_mechanisms_in_linux_environment__part_1___userspace_memory_protection/
http://labs.mwrinfosecurity.com/notices/assessing_the_tux_strength_part_2_into_the_kernel/
As stated in the articles in Debian Lenny there were very little of
available security mechanisms of the Linux environment included. I
just wanted to know what is the status of this in Squeeze and also
rise a release goal for Wheezy to enable some pro-active security
mechanisms mentioned in the articles. For example, I guess enabling
PIE in iceweasel, other web browsers and network daemons is worth
taking into consideration. I know my point is extremely general, I
just hope to start a discussion about this topic.
Thanks,
Marcin
Reply to: