Re: Hardening build flags release goal

2011-09-21 Thread Raphael Hertzog
On Wed, 21 Sep 2011, Raphael Hertzog wrote: > On Wed, 21 Sep 2011, Ian Jackson wrote: > > Raphael Hertzog writes ("Hardening build flags release goal"): > > > we're not very far from having hardening build flags set by default by > > > dpkg-buildflags

Re: Hardening build flags release goal

2011-09-21 Thread Raphael Hertzog
On Wed, 21 Sep 2011, Ian Jackson wrote: > Raphael Hertzog writes ("Hardening build flags release goal"): > > we're not very far from having hardening build flags set by default by > > dpkg-buildflags (waiting on some documentation update that Kees should > >

Re: Hardening build flags release goal

2011-09-21 Thread Ian Jackson
Raphael Hertzog writes ("Hardening build flags release goal"): > we're not very far from having hardening build flags set by default by > dpkg-buildflags (waiting on some documentation update that Kees should > take care of). Can you please point us to the draft inte

Re: Hardening build flags release goal

2011-09-12 Thread Michael Gilbert
Moritz Mühlenhoff wrote: > > If you're interested, just respond and start creating the release goal > > wiki page: > > http://wiki.debian.org/ReleaseGoals > > I'm in, but it'll take a few days until I'll be able to work on the wiki > page. For anyone interested in contributing, I've just started

Re: Hardening build flags release goal

2011-09-07 Thread Kees Cook
On Tue, Sep 06, 2011 at 04:01:04PM +, The Fungi wrote: > On Mon, Sep 05, 2011 at 02:22:39PM -0700, Kees Cook wrote: > [...] > > It might be better to extend it further, like "all network daemons > > using dpkg-buildflags properly and enabling PIE" > [...] > > And since many network daemons are

Re: Hardening build flags release goal

2011-09-07 Thread Kees Cook
On Mon, Sep 05, 2011 at 07:42:30PM +0200, Moritz Mühlenhoff wrote: > I'm thinking of something along the lines of > "all pkgs with priority >= standard" and "all pkgs which had a DSA in the last > five years" as specific, important sub goals. Sounds good, I'm happy to help as well. -Kees -- Kee

Re: Hardening build flags release goal

2011-09-07 Thread Kees Cook
On Mon, Sep 05, 2011 at 09:34:37PM +0200, Raphael Hertzog wrote: > On Mon, 05 Sep 2011, Julien BLACHE wrote: > > Cyril Brulebois wrote: > > > Do we have a proper definition, and sample implementation(s) for “using > > > dpkg-buildflags properly”? On the top of my hat, it looks like semantics > > >

Re: Hardening build flags release goal

2011-09-06 Thread Marco d'Itri
On Sep 05, Kees Cook wrote: > It might be better to extend it further, like "all network daemons using > dpkg-buildflags properly and enabling PIE" I fully support this (and I have already enabled hardening for most of my packages with no adverse effects). -- ciao, Marco

Re: Hardening build flags release goal

2011-09-06 Thread The Fungi
On Mon, Sep 05, 2011 at 02:22:39PM -0700, Kees Cook wrote: [...] > It might be better to extend it further, like "all network daemons > using dpkg-buildflags properly and enabling PIE" [...] And since many network daemons are implemented in interpreted languages, it might be nice to include packag

Re: Hardening build flags release goal

2011-09-06 Thread Pierre Chifflier
On Mon, Sep 05, 2011 at 07:42:30PM +0200, Moritz Mühlenhoff wrote: > Raphael Hertzog wrote: > > Hello, > > > > we're not very far from having hardening build flags set by default by > > dpkg-buildflags (waiting on some documentation update that Kees should > > take care of). > > Thanks! > > >

Re: Hardening build flags release goal

2011-09-05 Thread Kees Cook
On Mon, Sep 05, 2011 at 10:52:40AM +0200, Raphael Hertzog wrote: > we're not very far from having hardening build flags set by default by > dpkg-buildflags (waiting on some documentation update that Kees should > take care of). I'm about halfway through this. Just brushing up on my groff syntax. ;

Re: Hardening build flags release goal

2011-09-05 Thread Julien BLACHE
Raphael Hertzog wrote: Hi, > No idea, I have only integrated the work others have done in dpkg. I > have not studied how other compilers support the hardening compilation > flags. > > What are the compilers you're thinking of? Here specifically, Clang. More generally, at this point in time, a

Re: Hardening build flags release goal

2011-09-05 Thread Raphael Hertzog
Hi, On Mon, 05 Sep 2011, Julien BLACHE wrote: > Cyril Brulebois wrote: > > Do we have a proper definition, and sample implementation(s) for “using > > dpkg-buildflags properly”? On the top of my hat, it looks like semantics > > and recommendations changed a bit over the years, so I kind of lost >

Re: Hardening build flags release goal

2011-09-05 Thread Raphael Hertzog
On Mon, 05 Sep 2011, Cyril Brulebois wrote: > Do we have a proper definition, and sample implementation(s) for “using > dpkg-buildflags properly”? On the top of my hat, it looks like semantics > and recommendations changed a bit over the years, so I kind of lost > count. I'm going to prepare a "Bi

Re: Hardening build flags release goal

2011-09-05 Thread Julien BLACHE
Cyril Brulebois wrote: Hi, > Do we have a proper definition, and sample implementation(s) for “using > dpkg-buildflags properly”? On the top of my hat, it looks like semantics > and recommendations changed a bit over the years, so I kind of lost > count. On top of that, what's the story with re

Re: Hardening build flags release goal

2011-09-05 Thread Cyril Brulebois
Raphael Hertzog (05/09/2011): > I would like to find one or two persons to lead a new release goal > centered around hardening. The big goal is to have the maximum number of > packages using hardening by the time Wheezy is released but it could > include more specific sub-goals like "all packages

Re: Hardening build flags release goal

2011-09-05 Thread Michael Gilbert
On Mon, 5 Sep 2011 19:42:30 +0200 Moritz Mühlenhoff wrote: > Raphael Hertzog wrote: > > Hello, > > > > we're not very far from having hardening build flags set by default by > > dpkg-buildflags (waiting on some documentation update that Kees should > > take care of). > > Thanks! > > > I would

Re: Hardening build flags release goal

2011-09-05 Thread Moritz Mühlenhoff
Raphael Hertzog wrote: > Hello, > > we're not very far from having hardening build flags set by default by > dpkg-buildflags (waiting on some documentation update that Kees should > take care of). Thanks! > I would like to find one or two persons to lead a new release goal > centered around ha

Hardening build flags release goal

2011-09-05 Thread Raphael Hertzog
Hello, we're not very far from having hardening build flags set by default by dpkg-buildflags (waiting on some documentation update that Kees should take care of). I would like to find one or two persons to lead a new release goal centered around hardening. The big goal is to have the maximum num