On 04/01/13 at 10:23am, Michael Scherer wrote: > Le lundi 01 avril 2013 à 12:29 +0530, Dhiru Kholia a écrit : > > What would be a good way to solve this problem in your opinion? > > (File bugs / Explicitly list such packages / Turn on hardening by default) > > I would file bugs, and list those that were checked on a wiki page, > along a link to the bug and a date, and revisit the reason on a regular > basis. I have started doing this. See https://bugzilla.redhat.com/show_bug.cgi?id=947022 for an example. > > It would be great to have some sort of automated method to find if > > hardening criteria applies to a particular package. Ideas are welcome! > > You can take a look on http://people.redhat.com/sgrubb/security/ , there > is a script rpm-chksec to verify that. Thanks! I found some neat ideas in rpm-chksec script. I will incorporate them into https://github.com/kholia/checksec -- Dhiru -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
