Hi folks,
I'm Alex Murray (alexmurray on Launchpad/amurray on IRC) and have been a
part of the Ubuntu community as a long-time user and enthusiast since
back in 2006. In 2018 I was privileged to join Canonical as the Ubuntu
Security Tech Lead and have worked as part of that amazing team
On Thu, 2022-11-03 at 10:11:59 +, Benjamin Drung wrote:
> On Wed, 2022-11-02 at 18:15 +0100, Alex Murray wrote:
>> On Wed, 2022-11-02 at 15:23:08 +, Benjamin Drung wrote:
>>
>> > Hi everyone,
>> >
>> > adduser 3.123 (in Debian) changed the de
On Wed, 2022-11-02 at 15:23:08 +, Benjamin Drung wrote:
> Hi everyone,
>
> adduser 3.123 (in Debian) changed the default mode for normal users
> (DIR_MODE) from 0755 to 0700. The default mode for system user
> (SYS_DIR_MODE) stayed untouched at 0755. See [1] and [2] for a
> reasoning.
>
> Ubun
On Mon, 2022-05-23 at 10:04:17 -0300, Andreas Hasenack wrote:
> Hi,
>
> On Mon, May 16, 2022 at 2:34 PM Andreas Hasenack
> wrote:
>
>> Removing isc-dhcp would also allow us to reduce the need of old compat
>> src:bind9-libs package, probably even drop it.
>
> I just learned that upstream is now
On Mon, 2022-05-16 at 15:11:27 -0700, Brian Murray wrote:
> On Fri, May 13, 2022 at 10:29:30AM +0930, Alex Murray wrote:
>> On Thu, 2022-05-12 at 13:38:38 -0700, Brian Murray wrote:
>>
>> > The Ubuntu Error Tracker receives crash reports from all releases of
>>
On Thu, 2022-05-12 at 13:38:38 -0700, Brian Murray wrote:
> The Ubuntu Error Tracker receives crash reports from all releases of
> Ubuntu which are not out of standard support. These crash reports are
> then aggregated into buckets where some meta-information (package
> version and release of Ubun
On Tue, 2021-02-16 at 20:04:58 +1030, Matthias Klose wrote:
On 2/15/21 3:17 AM, Alex Murray wrote:
Hi Michael,
For Ubuntu we try and take an approach where we want as much code that
is compiled for and *on* Ubuntu to try and take advantage of the various
toolchain hardening options that are
ou
want to reply to avoid splitting the discussion.
There's also a cross-post to
https://discourse.ubuntu.com/t/private-home-directories-for-ubuntu-21-04-onwards/19533
HTH,
Robie
- Forwarded message from Alex Murray
-
Date: Thu, 26 Nov 2020 13:00:52 +1030
From: Alex Murray
To: ub
On Thu, 2020-06-18 at 03:00:35 +0930, Marc Deslauriers wrote:
> On 2020-06-16 8:40 p.m., Matthew Ruffell wrote:
>> Hello!
>>
>> I am proposing that we enable the CONFIG_SECURITY_DMESG_RESTRICT [1] feature
>> by
>> default for Groovy onward.
>>
This sounds like a great (and long overdue) additi
On Wed, 2020-03-04 at 03:49:39 +1030, Robie Basak wrote:
> On Tue, Feb 25, 2020 at 09:09:24AM -0800, Steve Langasek wrote:
>> Thanks, it's easy enough to back out later (as long as someone actually
>> raises a flag when things break!), so I'm ok with that.
>
> bacula's various postinsts (at least
On Tue, 2020-02-25 at 02:42:58 +1030, Steve Langasek wrote:
> On Fri, Feb 21, 2020 at 02:04:37PM -0800, Kees Cook wrote:
>> On Thu, Feb 20, 2020 at 03:45:39AM +, Seth Arnold wrote:
>> > I'm worried that turning this flag on for the first time in an LTS release
>> > may be breaking too many ex
Hi,
The security and foundations teams have been working to enable a couple
new hardening options in GCC as default for eoan / 19.10. These are
-fstack-clash-protection and -fcf-protection.
-fstack-clash-protection causes GCC to instrument variable-length stack
allocations so that each page is pr
12 matches
Mail list logo