[arch-dev-public] providing grsecurity in [community]
allan at archlinux.org
Wed Apr 16 05:52:27 EDT 2014
On 16/04/14 17:25, Daniel Micay wrote:
> On 16/04/14 03:15 AM, Daniel Micay wrote:
>> Pacman hooks would
>> be a nicer solution than editing all the install scripts, but we don't
>> have those :).
> It also wouldn't be nearly as bad if packages could store extended
> attributes, since the ugly install scripts could be avoided and paxctl
> would only be a make dependency. Packages like iputils already run into
> this issue due to using capabilities as a replacement for setuid.
Just submitted a patch to pacman that will allow setting capabilites in
the package() function.
More information about the arch-dev-public