Expanding the list of "Hardened Packages"
Dhiru Kholia
dhiru.kholia at gmail.com
Tue Apr 2 12:21:42 UTC 2013
On 04/01/13 at 03:05pm, Dhiru Kholia wrote:
> On 04/01/13 at 10:23am, Michael Scherer wrote:
> > Le lundi 01 avril 2013 à 12:29 +0530, Dhiru Kholia a écrit :
> > > It would be great to have some sort of automated method to find if
> > > hardening criteria applies to a particular package. Ideas are welcome!
> >
> > You can take a look on http://people.redhat.com/sgrubb/security/ , there
> > is a script rpm-chksec to verify that.
>
> Thanks! I found some neat ideas in rpm-chksec script.
>
> I will incorporate them into https://github.com/kholia/checksec
Here is a list of packages (daemons only) which are (possibly) violating
packaging guidelines with respect to hardening.
http://dl.dropbox.com/u/1522424/probable-violations-F19.xls
(Please note that this list was generated by a program and might be buggy!)
--
Dhiru
More information about the devel
mailing list