diff options
author | Yves-Alexis Perez <corsac@debian.org> | 2013-12-04 12:04:58 +0000 |
---|---|---|
committer | Yves-Alexis Perez <corsac@debian.org> | 2013-12-04 12:04:58 +0000 |
commit | c285bbd986c4719877dca1c39ab133d23f5b4d3d (patch) | |
tree | 31e95eaefce062d975aca685574aafc520607083 /org/agenda-2014.txt | |
parent | 4790f3c5725686a3e5dc6b86bdf1a405e2c8bb27 (diff) |
make a whole section for distribution hardening
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@24573 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'org/agenda-2014.txt')
-rw-r--r-- | org/agenda-2014.txt | 19 |
1 files changed, 15 insertions, 4 deletions
diff --git a/org/agenda-2014.txt b/org/agenda-2014.txt index 269f1e4b8a..703a13cf60 100644 --- a/org/agenda-2014.txt +++ b/org/agenda-2014.txt @@ -62,10 +62,21 @@ Others - Compile a list of test instructions for key packages -- distribution hardening (hardening flags, mount flags, default open ports, - kernel hardening, heap protection, reducing the attack surfase, etc.), - planning for release goal speedup? - Adding new flags to dpkg-buildflags? (-fstack-protector-strong, others?) +Distribution hardening +====================== + +- hardening build flags: + - release goal status + - PIC/PIE situation + - adding new flags to dpkg-buildflags? (-fstack-protector-strong, others?) + - planning for release goal speedup? [corsac: what does it means?] + +- mount flags and default partitioning + +- default open ports + +- kernel hardening: memory protections (heap/stack/...), reducing the attack surface + LTS === |