----- Original Message ----- From: "Robert Connolly" <[EMAIL PROTECTED]> To: "Hardened LFS Development List" <[email protected]> Sent: Friday, March 07, 2008 5:05 AM Subject: Goals
> The LFS project has been very generous in hosting this project, and I have > always believed it is worthwhile, but the scope of this project is quite > broad and some definitions should be set. Goals for 2.0 and 1.0 should > probably be set at the same time, to help contain the scope of 1.0. I would > like 1.0 to be as broad as possible, such as featuring more than the > toolchain. I think you should at least for 2.0 drop 2.4 kernel support. I know that linux-2.4 work (IF your hardware is not so recent). linux-2.4 could be really stable and without recent kernel changes subject to new vulnerabilities. IPCop-1.4 still use a LFS-5.1 toolchain with some updates and a 2.4 kernel. That simply work but is not futur-proof ;-) If you want a 2.6 really stable kernel, choose at least 2.6.16.y. Newer kernel may have attractive features (security related or not) but for example, you can't actually compile openswan-2.4 on a 2.6.24 kernel. If you want some security goals for an HLFS not only a toolchain, that could be describing ipsec or openvpn VPN settings. Gilles -- http://linuxfromscratch.org/mailman/listinfo/hlfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
