Hi,
If anyone is interested would be important to look at uClibc and musl (Alpine Linux is based in this one).
Note that other distributions are doing an excellent job in hardened profiles like Gentoo or more actual OpenSuSe Gardened:
We have to work on mitigation rather than patching and trust not responsible maintainers for some packages. This includes thinking seriously about to have a kernel with grsecurity patches.
Cheers,
On Sat, Jan 10, 2015 at 4:19 PM, Peter Robinson <pbrobinson@xxxxxxxxx> wrote:
It's not completely gone, there's still a number of packages that run> On Thu, 2015-01-08 at 08:47 -0500, Paul Wouters wrote:
>> On Thu, 8 Jan 2015, Dhiru Kholia wrote:
>>
>> >> | Your package accepts/processes untrusted input.
>> >>
>> >> This seems to be about every package that I use, because I most if not
>> >> all tools process untrusted data from the Internet.
>> >
>> > +1. This view is rapidly gaining traction and visibility in recent times.
>>
>> Can we throw prelink out as well when we do this?
>
>
> Prelink is already gone. We haven't been running it since F19, IIRC.
it as part of the install or build process because I've had to fix
ppc64le/aarchh64 package builds because we don't have it at all on
those platforms. I think we also ship it by default.
Peter
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Francisco Alonso.
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
