Dude we have cars, don't reinvent the automobile. Grsecurity does this already. http://www.grsecurity.net and 10,000 times more stuff. Some sample kernel config options, so you can get a brief overview: http://www.cs.montana.edu/faq/grsec/ It specifically has tpe, and has been extensivelly vetted for security holes, and is used on production sites, and has a debian package already. --Luke
> (This isn't something that I'm currently interested in moving into > Debian proper; it's a module for providing "trusted path execution" > which I've written and am planning on running on all my boxen). > > Steve > -- > www.steve.org.uk/Debian
