Hello. I'm thinking we should have a new goal for the version 0.2 milestone. Like gcc-4.1x, glibc-2.4x, and a newer uClibc version. When those packages are working it will be a good time to set 0.2. There's also the blfs/bhlfs reorganization. While the week or two that it's frozen the book can be spell checked etc.
The new gcc comes with a few new security enhancements, like libssp, fortify_source, and libmudflap. I don't know how well fortify_source works with uClibc, if it does work then it would be in their svn and not their last release. uClibc added arc4random to their svn, but they aren't using it for mktemp or ssp.. and they changed their ssp stuff a lot in svn. All of this is fairly time consuming. Fortify_source and libmudflap should get description webpages too. Making uClibc use arc4 for mktemp and ssp should be the first priority so that hopefull it will get tested and added before the next uClibc release. And maybe hold off grsec-rbac for 0.3. robert -- http://linuxfromscratch.org/mailman/listinfo/hlfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
