Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 8 Aug 2012 10:39:30 +0400
From: Solar Designer <>
Subject: Re: segoon's report #15


On Tue, Aug 07, 2012 at 11:30:15PM +0400, Vasily Kulikov wrote:
> Accomplishments:
> - Backported HARDEN_STACK patch, tested it on i686 kernel with
>   exec-shield, on x86_64 kernel and x86_64 userspace, on x86_64 kernel
>   and i686 userspace.
> - Suggested userspace <--> kernel API for HARDEN_VM86, implemented it.
> - Found limited "unlink" ability of CT's root in CT0, reported to
>   OpenVZ bugzilla.

Thanks for working on these.

> Priorities:
> - Discuss what PaX features we want to see in Owl kernel.
> - Discuss whether we need sysfs hardening and log spoofing protection in
>   Owl kernel.
> - Port confirmed patches to Owl kernel after owl-dev discussions.

Does this mean you're done with all other kernel hardening changes you
wanted to make this summer?

When are we getting the kernel update to RHEL6'ish into Owl?

When are we updating glibc?

I don't mean to hurry you up on these - in fact, I have difficulty
finding time to process your previous set of changes - I am merely
asking about your plans/preferences.



Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.