Security features of recent Fedora versions?
Németh Tamás
nice at titanic.nyme.hu
Sun May 27 00:06:39 UTC 2007
Dear Fedora developers or Experts!
In these days I am mostly engaged in the task of choosing a free and secure
Linux ditribution for our university. I've read some documents from this field
but I am in doubt in a few areas:
When i look at Ingo Molnar's Exec Shield patch web page
(http://people.redhat.com/mingo/exec-shield/), I got the impression that a
fully feature Exec Shield patch set exists only for the 2.4 series of the
Linux kernels, and on the 2.6 series it only provides NX. Am I correct? Is
there an (maybe exprimental) Exec Shield patch for 2.6 kernels which provides
full ALSR functionality, including the relocation of PIE binaries? If not,
then I wonder why is it so difficult to be done for the 2.6 series. (For
example PaX is still considered experimental on 2.6!)
Are the Fedora packages linked with BIND_NOW option to make the -z relro
linking option even more effective?
Thank you for the information!
Best regards:
Nemeth, Tamas
IT administrator
University of West-Hungary, Sopron, Hungary
More information about the Fedora-security-list
mailing list