Re: Expanding the list of "Hardened Packages"

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 15/04/13 09:48 AM, Miloslav Trmač wrote:
On Sat, Apr 13, 2013 at 7:51 PM, Reindl Harald <h.reindl@xxxxxxxxxxxxx
<mailto:h.reindl@xxxxxxxxxxxxx>> wrote:

    which raises the question again:

    would it be not the better way to build the whole distribution hardened
    by expierience that nearly anything is exploitable over the long and
    performance comes after security


The logical conclusion from this is to move to a language with automatic
memory management.  The "top vulnerability" reports for programs written
in C/C++ and most other languages so different that starting a new
project that processes untrusted data in C/C++ is becoming indefensible.

We seem to be stuck with C as the lowest common denominator that can be
used from any runtime; long-term we _need_ to move away from that, or
Linux will gain the reputation of least-secure OS around.

Now, what to move to?  I currently don't have see any language/runtime I
could recommend, which is in itself rather frightening.

Can I step in and ask: move *what* exactly?

This is the *Fedora* development list, remember. This thread was a discussion of the security of the Fedora package base as a whole. The Fedora project does not control the development of the code behind 99% of the Fedora package base. "The logical conclusion is to move to a different language" doesn't seem particularly logical at all in context - as a reply to Harald's proposal for build parameters for all Fedora packages - because you're advocating a completely different change, one it is not at all feasible for Fedora to effect in this context.

So you've just pivoted the entire thread, for which congratulations, but this could really have been a separate discussion.
--
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | identi.ca: adamwfedora
http://www.happyassassin.net
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel





[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux