Loading...

lfs-dev@linuxfromscratch.org

[Prev] Thread [Next]  |  [Prev] Date [Next]

Re: x86_64 HLFS Valter Douglas Lisbôa Jr. Thu Jul 31 09:00:44 2008

On Thursday 31 July 2008 11:51:10 Jan Dvorak wrote:
> Hi,
>
> > Remeber HLFS is not considered stable so, I suggest do it in parts, I
> > could start applying stack guard, then Fortify Code, then strl* patches
> > , etc. Saving a whole grsecurity/RSBAC/PaX hardening to the end.
>
>       IMO fortify, strl* and maybe even stack guard should "just work",
> GRSecurity is unintrusive kernel-only thing and RSBAC is not that
> important to me. PaX may be a problem, for I don't have slightest idea
> about ELF binaries and differences between the 32- and 64-bit variants.
> Authors claim it is supported.
Neither me. But PaX tend to be less harmfull than it appear. The paxtest 
programmer (I don't remember his name by now) admits that when he put the PaX 
on the first time on his Debian, he becmoes doubtfull it really functions 
beacause everything was nice, so he creates the software to test. Aside 64 
bits system has more bugs than 32, it could be a good candidate to not have 
throubles (except when you mix it with Xen, nasty thing). 

>       Damn, I mostly answered the original question I've given to you.
> Apologies. 
No problems

> As soon as I get myself some time, I'll try to build it. But 
> first, regular CLFS as a host system.
>
> - Mordae



-- 
Valter Douglas Lisbôa Jr.
Sócio-Diretor
Trenix - IT Solutions
"Nossas Idéias, suas Soluções!"
www.trenix.com.br
[EMAIL PROTECTED]
Tel. +55 19 3402.2957
Cel. +55 19 9183.4244
-- 
http://linuxfromscratch.org/mailman/listinfo/hlfs-dev
FAQ: http://www.linuxfromscratch.org/faq/
Unsubscribe: See the above information page