[Secure-testing-team] Notes from Debconf 9 security BoF: July 29, 2009
Nico Golde
debian-secure-testing+ml at ngolde.de
Tue Aug 11 19:44:47 UTC 2009
Hi,
* Micah Anderson <micah at riseup.net> [2009-07-30 11:04]:
[...]
> Enabling hardening options in squeeze
> -------------------------------------
>
> How to push for enabling more hardening compile options in squeeze?
>
> sf: kees said that ubuntu enabled these options in the compiler. i
> talked with doko earlier this week, and was talkng about enabling it
> in dpkg-buildpackage, so the environment variables have to be sorted
> out. there is the problem that if it is just enabled, architecture
> maintainers will cry that some performance tests weren't done
[...]
While I just read about this on debian-user-german, what
about having sha512 hashed passwords in shadow as a release
goal as well? This should be fairly easy to implement and
would help a lot :)
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0xA0A0AAAA
For security reasons, all text in this mail is double-rot13 encrypted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20090811/08b92f93/attachment.pgp>
More information about the Secure-testing-team
mailing list