[OpenWrt-Devel] adding seccomp and service jailing to procd
John Crispin
blogic at openwrt.org
Fri Mar 27 10:37:33 EDT 2015
On 27/03/2015 13:45, Etienne Champetier wrote:
> Hi,
>
>
> 2015-03-27 10:42 GMT+01:00 John Crispin <blogic at openwrt.org
> <mailto:blogic at openwrt.org>>:
>
> OpenWrt service hardening and jailing
> =====================================
>
>
> <...>
>
>
> If there are features that we are not aware of yet or that we forgot to
> list, then please let us know about them.
>
> Comments and ideas are welcome ...
> _______________________________________________
>
>
>
> Thanks for this impressive piece of work!!! (awesome features and
> documentation)
>
> As you are working on Openwrt hardenning, what need to be done before
> activating option like
> STACKPROTECTOR, FORTIFY_SOURCE, RELRO_PARTIAL by default?
> (i'm already using them in all my builds, but i think everybody should
> use these options)
i have added them to my list, will look at that in the next days
>
> Also i would love to hear the pro and cons of extending ubus vs
> switching to kdbus
> (i'm not trying to start a debate, and i really have no idea of the work
> involved, just curious)
we need to discuss this internally. i have already started thinking
about it.bu have no opinion yet
John
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
More information about the openwrt-devel
mailing list