On Thu, 2003-12-04 at 07:04, Russell Coker wrote: > On Thu, 4 Dec 2003 08:07, "David Palmer." <[EMAIL PROTECTED]> wrote: > > I note also that Adamantix developers, when a present priority project > > reaches completion, have expressed a willingness to commit in the > > process of assisting with Pax incorporation into the Debian kernel. > > Please point out where the Adamantix developers expressed a willingness to > help in any way.
Hello Russell, I searched the Debian-devel archive for the exchanges I read myself, but do you think that I could find them? No way! They must be there somewhere, but time is short, so I grabbed this off the Adamantix site. I think that it adequately displays Peter Bussers' attitude. But if you need more, when I have more time I wil conduct a more thorough search, and even ask Peter for verification if that is what is required. Hi! I got some replies to debian-devel Cc:-ed from people who said that they wanted to have a kernel-patch package for PaX. After that, I got the following message: ----- Forwarded message from Javier Fern?ndez-Sanguino Pe?a <jfs(at)computer.org> ----- From: Javier Fern?ndez-Sanguino Pe?a <jfs(at)computer.org> To: Peter Busser <peter(at)adamantix.org> Cc: debian-devel(at)lists.debian.org Subject: Re: exec-shield (maybe ITP kernel-patch-exec-shield) On Fri, Nov 28, 2003 at 12:20:43PM +0100, Peter Busser wrote:[...] Just so we move forward, I have packaged today a kernel-patch-package which seems to apply as expected with 'make-kpackage' based on the changes you have introduced to the kernel_2.4.21_2.4.21-5 package developed by Herbert Xu. I've sent the ITP (just in case somebody wants to comment or pre-test it) and will upload it soo to an upload queue. I guess that the rsbac userspace would need to be included in Debian too in order for this patch to be useful for Debian users at all, am I correct? I'm going to send also the paxtest package you developed in order for people to test PaX (and exec-shield's) functionality and decide for themselves. I will first write a manpage for it (as mandated per policy) though. Regards Javi ----- End forwarded message ----- I'm really happy to receive some positive reactions from Debian related people. And I am even more happy to see that Javi is willing to help getting this stuff in Debian. That does not mean that Adamantix will be obsolete soon, integrating it in Debian will take time. And there are conflicting interests here (exec-shield, SELinux and stackguard in the future) that might slow down or stop integration in Debian (fortunately RSBAC and SELinux can live together in 2.6). People will find ways around RSBAC, SSP, PaX and whatever is decided to add next. I suspect that the number of backdoor attempts will increase as soon as cracking systems becomes harder. Therefore the road to a really high security system is a long one. We are still at the beginning of that journey. Groetjes, Peter Busser[...]
