[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Security features in Debian 8 (Jessie)

On 27 April 2015 at 08:40, oliver.schmid.94@t-online.de <oliver.schmid.94@t-online.de> wrote:
Hi,
I'm a freelancer for various German computer magazines and currently working on an article about Debian 8 Jessie. It would be nice if there could be a better documentation of the security features (new hardening flags). I've seen that there is a wiki page (https://wiki.debian.org/Security/Features) but this page is not very good. So it would be nice when you can improve this site. In my opinion this is absolutely necessary to provide strong arguments for Debian. Other distros like Fedora (https://fedoraproject.org/wiki/Security_Features_Matrix) and Ubuntu (https://wiki.ubuntu.com/Security/Features) have better wiki pages about this topic. In general it is very difficult to find good documented information about the security measures in Debian.

Dear Oliver,

Please note you can find detailed information about the implementation of this "Release Goal" here:

https://wiki.debian.org/Hardening
https://wiki.debian.org/ReleaseGoals/SecurityHardeningBuildFlags

Those pages describe the technical details of the hardening implemented and you can review which features are actually enabled. Also please note that the many of the hardening features provided in Debian can be:

 + hardening flags enabled provided by the compiler (i.e. gcc). 
 + hardening features enabled provided by the Linux
 + new security features provided by some software

Whatever they are, they are actually shared with other Free software projects (such as Ubuntu and Red Hat) as you mention, as these features are provided by shared software components.  So you can actually use the descriptions you find in upstream developer's documentation pages and in other distribution's wiki pages as a basis. 

In any case, the Release Notes of the distribution has in all the previous releases, and now in Jessie too. These Release Notes are translated into a number of languages and should be your main source for information (and not the Wiki pages).

For Jessie, you will find a description of the new security features here: https://www.debian.org/releases/stable/amd64/release-notes/ch-whats-new.de.html#security (in German, for your convenience)

For the previous release (Wheezy) there is also a section in the Release Notes describing the security features introduced. Please see: https://www.debian.org/releases/oldstable/amd64/release-notes/ch-whats-new.de.html#hardening (again, in German).

These sections are written by our Security Team and translated into many different languages by our translation teams.

That being said, if you find the information lacking, I would encourage you to open a Bug report in Debian's Bug Tracking Database so it can be acted upon. If you do so, please use the pseudo-package 'release-notes'. For more information on how to report bugs please read https://www.debian.org/Bugs/

I hope the information above is helpful, best regards:

Javier Fernandez-Sanguino
 



 

 
Reply to: