Security advisory for removing setuid programs.

Archaic archaic at indy.rr.com
Wed Nov 26 06:49:45 PST 2003


On Wed, Nov 26, 2003 at 12:57:35PM +0100, Nico R. wrote:
> 
> I think some changes like the read-only filesystem should go into the
> LFS book as well, since they do not cause any harm (as far as I can
> think of), are rather easy to implement (a sed/patch for glibc and a
> symlink, IIRC?) and are really useful...

No. I'm actually talking about a new book. This stuff isn't the goal or
purpose of LFS.

> Another thought, what about gcc security patches like the one(s?) used
> in OpenBSD? To prevent stack overflows.

ashes and I have been doing test builds. He's contacted maintainers and
such and has written a hint for propolice. It's pretty solid, but
ongoing.

-- 
Archaic

The price of liberty is, always has been, and always will be blood.  The
person who is not willing to die for his liberty has already lost it to
the first scoundrel who is willing to risk dying to violate that
person's liberty.  Are you free?

- Andrew Ford




More information about the lfs-security mailing list