-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2003-11-03 17:20, Russell Coker wrote: > On Mon, 3 Nov 2003 23:42, [EMAIL PROTECTED] wrote: > > > Maybe we should solve the debate about grsec and standard kernels by > > > adding exec-shield to the standard Debian kernel source? > > > > Go ahead and do it. I could frankly care less if your users get owned. > > Give them a false sense of security by telling them that Exec-shield > > is a substitute for grsecurity and PaX. > > The problem is that we don't have anyone who has the time and ability to > merge PaX with the Debian kernel patches. > > The exec-shield patch applies with the Debian patches and with LSM. I am > prepared to maintain it. Unless someone volunteers to maintain PaX > support for Debian kernels then the best available option for Debian users > will be exec-shield.
hm, the adamantix guys use PaX, maybe they ought to be pinged about this? > Actually I don't want to make security decisions for users. This is why I > initially maintained the Debian patch package for grsec, I have promoted > OpenWall, I packaged RSBAC (but had to dump it because I didn't have the > resources to test it and no-one else was interested), and now I'm working > on SE Linux. > > I want the users to have as many choices as possible. adamantix also uses RSBAC if I'm not mistaken - -- Cheers, cobaco /"\ ASCII Ribbon Campaign \ / No proprietary formats in attachments without request X i.e. *NO* WORD, POWERPOINT or EXCEL documents / \ Respect Open Standards http://www.fsf.org/philosophy/no-word-attachments.html http://www.goldmark.org/netrants/no-word/attach.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQE/p3+I5ihPJ4ZiSrsRAsCaAJ4004STNUj9aYpTNfek8VzbD7YLFgCfa+85 toqP6RWRqp2GO9KYpURkJiQ= =glf9 -----END PGP SIGNATURE-----