Re: X and non-X packages (Re: Attempts at security)

2007-02-04 Thread Oleg Verych
> From: Hendrik Sattler > Newsgroups: gmane.linux.debian.devel.general > Subject: Re: X and non-X packages (Re: Attempts at security) > Date: Sun, 4 Feb 2007 18:59:01 +0100 Hello, Hendrik. > On Sunday 04 February 2007 15:36, Oleg Verych wrote: >> I'm the one, who do

Re: X and non-X packages (Re: Attempts at security)

2007-02-04 Thread Steve Greenland
On 04-Feb-07, 08:36 (CST), Oleg Verych <[EMAIL PROTECTED]> wrote: > As there are *-static and non static packages of executable, e2fsck as > example, I think, it's not very hard to have some other differences, > such as *-x -nox, etc. There are a very few packages built -static: all I can find at

Re: X and non-X packages (Re: Attempts at security)

2007-02-04 Thread Hendrik Sattler
On Sunday 04 February 2007 15:36, Oleg Verych wrote: > I'm the one, who don't need X, but emacs21 is linked to some X, even to > (ugly) 3d scrollbars, that I hate. Thus, I would say it's a *very* big > disadvantage. emacs21-nox exists and that's what I use, too. The X interface is plain ugly and

X and non-X packages (Re: Attempts at security)

2007-02-04 Thread Oleg Verych
> From: Lars Wirzenius > Newsgroups: gmane.linux.debian.devel.general > Subject: Re: Attempts at security > Date: Sat, 03 Feb 2007 14:05:30 + Hello. > On Sat, 2007-02-03 at 12:37 +0100, Hendrik Sattler wrote: >> > > Not being able to change the cause to

Re: Attempts at security (was Re: Draft spec for new dpkg "triggers" feature)

2007-02-03 Thread Steve Langasek
On Sun, Feb 04, 2007 at 12:27:41PM +1100, Russell Coker wrote: > On Saturday 03 February 2007 23:47, Hendrik Sattler > <[EMAIL PROTECTED]> wrote: > > > It's disabled by default, unlike in Fedora and Red Hat Enterprise Linux > > > where it's on by default. I believe that the latest release of SUSE

Re: Attempts at security

2007-02-03 Thread Henrique de Moraes Holschuh
On Sun, 04 Feb 2007, Russell Coker wrote: > On Sunday 04 February 2007 01:20, Henrique de Moraes Holschuh <[EMAIL PROTECTED]> wrote: > > On Sat, 03 Feb 2007, Russell Coker wrote: > > > One that springs to mind is CONFIG_HIGHMEM4G, it seems only useful if you > > > have > > > > You need to ena

Re: Attempts at security

2007-02-03 Thread Russell Coker
On Sunday 04 February 2007 01:20, Henrique de Moraes Holschuh <[EMAIL PROTECTED]> wrote: > On Sat, 03 Feb 2007, Russell Coker wrote: > > One that springs to mind is CONFIG_HIGHMEM4G, it seems only useful if you > > have > > You need to enable PAE (64GB support) to access the NX bit on ia32, which

Re: Attempts at security (was Re: Draft spec for new dpkg "triggers" feature)

2007-02-03 Thread Russell Coker
On Saturday 03 February 2007 23:47, Hendrik Sattler <[EMAIL PROTECTED]> wrote: > > It's disabled by default, unlike in Fedora and Red Hat Enterprise Linux > > where it's on by default. I believe that the latest release of SUSE has > > AppArmor on by default. > > RedHat has a long history of stran

Re: Attempts at security

2007-02-03 Thread Ron Johnson
On 02/03/07 08:20, Henrique de Moraes Holschuh wrote: > On Sat, 03 Feb 2007, Russell Coker wrote: [snip] >>> "Real world security concerns"? Please describe your "real world" and >>> compare to the other existent "real world"s. > > Botnets and the maf

Re: Attempts at security

2007-02-03 Thread Henrique de Moraes Holschuh
On Sat, 03 Feb 2007, Russell Coker wrote: > One that springs to mind is CONFIG_HIGHMEM4G, it seems only useful if you > have You need to enable PAE (64GB support) to access the NX bit on ia32, which is even worse, and that's the reason why my 1GB laptop has a PAE kernel :( > Another is the fact

Re: Attempts at security

2007-02-03 Thread Lars Wirzenius
On Sat, 2007-02-03 at 12:37 +0100, Hendrik Sattler wrote: > > > Not being able to change the cause to the better doesn't mean to > > > introduce a mess to control the result. And I really hope that Debian > > > never considers installing+enabling selinux by default. > > > > IIRC, debian/etch alread

Re: Attempts at security

2007-02-03 Thread Hendrik Sattler
On Saturday 03 February 2007 13:17, Russell Coker wrote: > Anyway, if the overhead of SE Linux in the kernel is something you consider > to be a problem then there are many bigger problems that you will have with > the Debian kernel packages (or probably any kernel image from a binary > distribution

Re: Attempts at security (was Re: Draft spec for new dpkg "triggers" feature)

2007-02-03 Thread Hendrik Sattler
On Saturday 03 February 2007 02:21, Russell Coker wrote: > On Saturday 03 February 2007 05:17, Hendrik Sattler > <[EMAIL PROTECTED]> wrote: > > And everybody gets the SE Linux overhead if he wants or not? > > It's disabled by default, unlike in Fedora and Red Hat Enterprise Linux > where it's on by

Re: Attempts at security

2007-02-03 Thread Russell Coker
On Saturday 03 February 2007 22:37, Hendrik Sattler <[EMAIL PROTECTED]> wrote: > On Friday 02 February 2007 21:14, Reinhard Tartler wrote: > > Hendrik Sattler <[EMAIL PROTECTED]> writes: > > > And everybody gets the SE Linux overhead if he wants or not? > > > > Which overhead does SE Linux impose

Re: Attempts at security

2007-02-03 Thread Hendrik Sattler
On Friday 02 February 2007 21:14, Reinhard Tartler wrote: > Hendrik Sattler <[EMAIL PROTECTED]> writes: > > And everybody gets the SE Linux overhead if he wants or not? > > Which overhead does SE Linux impose on you? Take a look at the extra paths in the LSM that the kernel runs for many system

Re: Attempts at security (was Re: Draft spec for new dpkg "triggers" feature)

2007-02-02 Thread Marco d'Itri
On Feb 02, Russell Coker <[EMAIL PROTECTED]> wrote: > One of the enemies of security in Debian is the fact that every person > controls their little area and has no requirement to work towards common > goals (apart from the most obvious ones of making the system work). Things used to be differen

Re: Attempts at security (was Re: Draft spec for new dpkg "triggers" feature)

2007-02-02 Thread Russell Coker
On Saturday 03 February 2007 05:17, Hendrik Sattler <[EMAIL PROTECTED]> wrote: > And everybody gets the SE Linux overhead if he wants or not? It's disabled by default, unlike in Fedora and Red Hat Enterprise Linux where it's on by default. I believe that the latest release of SUSE has AppArmor

Re: Attempts at security

2007-02-02 Thread Reinhard Tartler
Hendrik Sattler <[EMAIL PROTECTED]> writes: > And everybody gets the SE Linux overhead if he wants or not? Which overhead does SE Linux impose on you? > The current system does not give you perfect security but neither does > adding SE Linux. Instead, you probably get annoying permission > probl

Re: Attempts at security (was Re: Draft spec for new dpkg "triggers" feature)

2007-02-02 Thread Hendrik Sattler
On Friday 02 February 2007 13:49, Russell Coker wrote: > One of the enemies of security in Debian is the fact that every person > controls their little area and has no requirement to work towards common > goals (apart from the most obvious ones of making the system work). > > This means that inste

Re: Attempts at security (was Re: Draft spec for new dpkg "triggers" feature)

2007-02-02 Thread paddy
On Fri, Feb 02, 2007 at 11:49:23PM +1100, Russell Coker wrote: > > One of the enemies of security in Debian is the fact that every person > controls their little area and has no requirement to work towards common > goals (apart from the most obvious ones of making the system work). > > This mea

Re: Attempts at security (was Re: Draft spec for new dpkg "triggers" feature)

2007-02-02 Thread Russell Coker
On Friday 02 February 2007 22:21, Ian Jackson <[EMAIL PROTECTED]> wrote: > > > If you want a general purpose hook, or some crazy SE-Linux-specific > > > feature, then you should probably propose one.  Personally I think a > > > general purpose hook feature would probably be abused so should not be