On 2011-01-23 07:29 +0100, Rico Secada wrote: > After having brushed up on some technical aspects of security I would > like to understand why Debian isn't secure be default. > > As we all know a lot of security breaches occur because of overflow > errors. Difference protective measurements has been developed for > example such as "executable space protection". > > As seen in this list of comparison both Fedora and SUSE are running > with some method of protection enabled by default whereas Debian isn't. > > http://en.wikipedia.org/wiki/Comparison_of_Linux_distributions#Security_features > > Another example is "stack checking" in GCC where for example OpenBSD > ships with this setting as "enabled-by-default" whereas it is > "off-by-default" on Debian. > > I would like to understand why Debian is running with this policy of > "security is off by default"?
Basically because the developers cannot agree where the hardened compiler options should be implemented. You can get more information by reading http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=552688. Sven -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/87mxmsnizz....@turtle.gmx.de
