Security testing

Steve Grubb sgrubb at redhat.com
Wed Aug 3 13:52:10 UTC 2011


Hello,

I just wanted to let everyone know that I've made a number of tests available for 
assessing security of the distribution. It is by no means a comprehensive auditing 
tool, but the scripts definitely find problems.

http://people.redhat.com/sgrubb/security/

On this list, the rpm-chksec program is the one that I am most interested in people 
using right now. For Fedora 16, we have updated the policy to recommend all packages 
be compiled with partial RELRO and important programs have full RELRO enabled. This 
script can check individual rpms or the whole distribution at once for compliance.

I have text explaining what each test does. If anyone finds problems with a script, 
please let me know. I will be adding more scripts as I find problems that need 
widespread attention.

Hope this helps find and fix problems...

Thanks,
-Steve


More information about the test mailing list