1 |
On Thu, 1 Jul 2010 08:46:11 +0100 |
2 |
Radoslaw Madej <radegand@××.pl> wrote: |
3 |
|
4 |
> Hi guys, |
5 |
> |
6 |
> I convinced the company I work for to allow me to spend some time on |
7 |
> reviewing different security aspects of Linux OS and different distros. As it |
8 |
> also involves Gentoo Hardened (which I also happily use on a daily basis), I |
9 |
> thought I'd share. :) |
10 |
> |
11 |
> http://labs.mwrinfosecurity.com/projectdetail.php?project=13&view=news |
12 |
> |
13 |
> There should be more to come in a near future. Any feedback appreciated :) |
14 |
> |
15 |
> Thanks to all hardened-dev for making the Hardened Gentoo happen! :) |
16 |
> Regards, |
17 |
> Radek Madej |
18 |
> |
19 |
|
20 |
A very good paper my friend, I enjoyed reading it :) |
21 |
|
22 |
I think you go into enough detail to keep even the less interested people |
23 |
reading and I hope that you manage to propagate this article (Maybe we could |
24 |
put a reference to it in the hardened docs?) so that more people become aware. |
25 |
|
26 |
Sure, some people are probably going to start question your testing methods and |
27 |
such because, like you mention in the paper, assessing security enabled on |
28 |
binaries can give false positives and negatives depending on how the code looks |
29 |
like. |
30 |
|
31 |
-- |
32 |
Mvh |
33 |
Daniel Kuehn |