make a whole section for distribution hardening

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@24573 e39458fd-73e7-0310-bf30-c45bca0a0e42
author: Yves-Alexis Perez <corsac@debian.org> 2013-12-04 12:04:58 +0000
committer: Yves-Alexis Perez <corsac@debian.org> 2013-12-04 12:04:58 +0000
commit: c285bbd986c4719877dca1c39ab133d23f5b4d3d (patch)
tree: 31e95eaefce062d975aca685574aafc520607083 /org/agenda-2014.txt
parent: 4790f3c5725686a3e5dc6b86bdf1a405e2c8bb27 (diff)
1 files changed, 15 insertions, 4 deletions
diff --git a/org/agenda-2014.txt b/org/agenda-2014.txt
index 269f1e4b8a..703a13cf60 100644
--- a/org/agenda-2014.txt
+++ b/org/agenda-2014.txt
@@ -62,10 +62,21 @@ Others
 
 - Compile a list of test instructions for key packages
 
-- distribution hardening (hardening flags, mount flags, default open ports,
-  kernel hardening, heap protection, reducing the attack surfase, etc.),
-  planning for release goal speedup?
-  Adding new flags to dpkg-buildflags? (-fstack-protector-strong, others?)
+Distribution hardening
+======================
+
+- hardening build flags: 
+  - release goal status
+  - PIC/PIE situation
+  - adding new flags to dpkg-buildflags? (-fstack-protector-strong, others?)
+  - planning for release goal speedup? [corsac: what does it means?]
+
+- mount flags and default partitioning
+
+- default open ports
+
+- kernel hardening: memory protections (heap/stack/...), reducing the attack surface
+
 
 LTS
 ===
author	Yves-Alexis Perez <corsac@debian.org>	2013-12-04 12:04:58 +0000
committer	Yves-Alexis Perez <corsac@debian.org>	2013-12-04 12:04:58 +0000
commit	c285bbd986c4719877dca1c39ab133d23f5b4d3d (patch)
tree	31e95eaefce062d975aca685574aafc520607083 /org/agenda-2014.txt
parent	4790f3c5725686a3e5dc6b86bdf1a405e2c8bb27 (diff)