Date: Wed, 14 Mar 2012 12:46:12 +0100 From: Paweł Hajdan, Jr. <phajdan.jr@...il.com> To: owl-dev@...ts.openwall.com Subject: hardened-shadow, a shadow suite that has tcb built-in I'd like to announce my little project I've published recently: hardened-shadow. It's an alternative implementation of shadow utilities (login, su, passwd and so on), inspired by Openwall's tcb. The advantage is that you don't need separate patches (that are often out of sync) or libraries. Everything: programs, PAM module and NSSwitch module are in the same package. Also, it works with vanilla glibc. Finally, it's smaller than shadow-utils, and should be easier to fully audit. The drawback is that it's new (so not really tested; also, some security bugs are likely to be lurking around), and doesn't support some features like SELinux or NIS. I'd like to add SELinux support, and I'm rather unenthusiastic about NIS; anyway I'm open to the opinions of the community about that). The project's homepage is http://code.google.com/p/hardened-shadow/ . I'm currently looking for people interested in using hardened-shadow, as well as some form of security audit of this very young codebase. Paweł Hajdan, Jr. Content of type "text/html" skipped
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.