On 10/25/11 16:18, Kacper Kowalik wrote:
> On 20.10.2011 10:47, "Paweł Hajdan, Jr." wrote:
>> I've noticed
>> <http://wiki.debian.org/ReleaseGoals/SecurityHardeningBuildFlags>, i.e.
>> Debian is starting to make more and more hardening features default, at
>> least for most packages.
>>
>> Should we start doing that too? What are possible problems with that? It
>> seems like it's mostly about USE=hardened, right?
> Hi,
> just a bunch of quick questions from a hardened newbie:
>
> 1) Is there a reason to do it besides "Debian is going to do it"?
For most users it has no negative impact. So in terms of cost it is,
analogous to as-needed, a little bit more work for us as maintainers. On
the upside we get the "more secure" thing you don't care about.
And you can still turn it all off, so you have no mandatory changes
(except configuration defaults)
> 2) What's wrong with current approach i.e. having separate hardened profile?
Nothing wrong per se, but it would be beneficial to make these paranoia
features more available to users. You can still turn 'em all off, if you
want, so we're basically only suggesting to go from an opt-in to an
opt-out for those features.
> 3) What are the benefits for an average desktop user or high-performance
> cluster?
>
> While answering that, please skip things obvious like having "more
> secure box".
From that perspective none, but for those of us that do other things
(like running public-facing servers) it lets us sleep a bit better at night.
Counter-question would be what's the downside - I've seen no benchmarks
that show a serious performance impact for most features (last time I
looked most of the PaX kernel features are <1% runtime cost)