On Wed, 2011-08-03 at 09:52 -0400, Steve Grubb wrote: > Hello, > > I just wanted to let everyone know that I've made a number of tests available for > assessing security of the distribution. It is by no means a comprehensive auditing > tool, but the scripts definitely find problems. > > http://people.redhat.com/sgrubb/security/ > > On this list, the rpm-chksec program is the one that I am most interested in people > using right now. For Fedora 16, we have updated the policy to recommend all packages > be compiled with partial RELRO and important programs have full RELRO enabled. This > script can check individual rpms or the whole distribution at once for compliance. > > I have text explaining what each test does. If anyone finds problems with a script, > please let me know. I will be adding more scripts as I find problems that need > widespread attention. > > Hope this helps find and fix problems... Looks like interesting stuff. Would any of these be appropriate to be integrated into AutoQA so they could be run regularly? -- Adam Williamson Fedora QA Community Monkey IRC: adamw | Twitter: AdamW_Fedora | identi.ca: adamwfedora http://www.happyassassin.net -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
