ProactiveSecurityRoadmap

Revision 1 as of 2005-04-04 18:04:03

Clear message

People

Goal

Proactively improve security for Breezy

Requirements

  • Run cron as non-root?
  • Run dhclient3 as non-root?
  • Eliminate inetd from base
  • Compile-time stack protection

Agenda

Pre-Work

  • Research privilege requirements of cron, dhclient3
  • Search for implicit dependencies on inetd via netbase
  • Determine requirements for compile-time stack protection in gcc (4.x?)