libc

Archaic archaic at indy.rr.com
Sat Jan 3 11:35:42 PST 2004


On Sat, Jan 03, 2004 at 01:14:10PM -0500, ashes wrote:
> Is there any reasons uclibc would be considered more secure then
> glibc? What sort of applications would not be able to build with
> uclibc? I'm pretty sure X will, if not then TinyX. Should at least be
> considered. uclibc and busybox is less code, should be less prone to
> bugs too.

Changing libc's would be as drastic a change as moving to a hurd kernel.

> I'm trying to to think of what's best for the community, and what's
> best for the project.

How often have you heard of someone exploiting glibc?

> I should hope hlfs will be more then a collection of patches that would have 
> fit in a few hints. This project began by us agreeing this would never be 
> able to fit in a hint.

It wouldn't fit into one hint, but it will be more like the hints in
that they generally are much more explanative than the LFS books. That
is what will make the biggest difference.

> The goals are going to have to be compeditive with other security
> projects (hardened gentoo, immunix, openbsd) or no one will use it.

I really don't care to compete with distros. They have no goal on
educating, only in producing distros. Our goal is education. The end
result just happens to be a well hardened base system. Eventually it
will include much of BLFS in it, too. Probably starting with the
servers, then X.

> I also think the first book release should have at least one serious 
> feature that no one else has. Either a unique base system design, or even 
> just the educational value, but something more then a bunch of commands to 
> paste and outside links.

Yes, the educational text will be our uniqueness. RO root filesystems
would technically be unique, as well, as I know of no distro that can do
that without modification. There are many things that will make it
unique, but we need to define what needs to be done first, then do it
(aka roadmap). Again, I think a structured means of code auditing should
be implemented first, then the toolchain, then the rest of the base
packages. As it goes along, it will become more and more obvious what
kind of text needs to be written where.

-- 
Archaic

The Constitution is not neutral. It was designed to take the government
off the backs of the people.

- Justice William O. Douglas




More information about the hlfs-dev mailing list