Security advisory for removing setuid programs.
n-roeser at gmx.net
Wed Nov 26 03:57:35 PST 2003
-----BEGIN PGP SIGNED MESSAGE-----
> On Wed, Nov 26, 2003 at 10:32:29AM +1100, Ryan.Oliver at pha.com.au
>> Would be a great place to dump the "chrooting services" stuff we were
>> working on... (still haven't got around to writing anything up though
>> :-/ ) Also a good place to shunt in the read-only root filesystem...
I think some changes like the read-only filesystem should go into the
LFS book as well, since they do not cause any harm (as far as I can
think of), are rather easy to implement (a sed/patch for glibc and a
symlink, IIRC?) and are really useful...
I don't assume every other book maintainer agrees on that, but I'd be
happy to see something here like it happened with the PLFS integration.
First, create a somewhat improved system/build method, and then
integrate it into the book (or parts of it that can be useful for
Another thought, what about gcc security patches like the one(s?) used
in OpenBSD? To prevent stack overflows.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
-----END PGP SIGNATURE-----
More information about the lfs-security