I wasn't going to post this, but it might be relevent to the ongoing custom distribution stuff that's happening. I've been experimenting with producing a hardened Debian derivitive as a small piece of paid work. This mostly means compiling things with a stackguard compiler, using format guard, and enforcing policies, etc.
(We know that stackguard isn't going to produce a completely hardened environment; as all the return-into-libc type exploits will work. Lets not discuss/flame about that. Pretty please!) All of that part I'm happy with. I have a modified glibc and compiler and am confident that I can recompile all the base packages and others that are necessary. It's the process of installing after that after that I'm a bit confused. If I wish to produce an installation CD-ROM identical to that used in woody, with my packages installed how do I do that? Is there some tool that will allow me to create an ISO with my packages. I'm wondering if jigado, or using debootstrap from my apt repository should be the way to go? Any pointers appreciated. The other approach which is simpler to manage but harder to install is to insist upon a stable installation, then have an apt repository with each package I've recompiled have a higher version number, or in a distribution of my own with a release file. (eg like testing, but "steving" or similar.) The latter approach appears to be what Adamantix are doing. Steve -- Still Looking for work Can make coffee well !
pgpoHrWJUjvqk.pgp
Description: PGP signature
