[arch-general] Arch Linux and security - it needs some work

[Shridhar Daithankar]

On Wednesday 03 February 2010 12:56:57 Robert Howard wrote:
> suppose my problem with all the Arch security/insecurity talk is that it
> assumes that Arch users are not more than capable of reading lists and
> discovering bug and holes in software that we use daily. I don't think
>  there has ever been an issue with an Arch package that wasn't fixed as
>  soon as upstream made a fix available. We can't expect our small community
>  to fix upstream bugs and issues. Moreover, the effort should be spent on
>  addressing distribution specific shortcomings. Just my two cents.

+1. 

Thats why I am still subscribed to slackware security announcment, just for 
cross-check. So far it hasn't mattered :)

I think the issue for arch is not patching, that is already as good as it gets 
but configuration. Hardened kernel + user space, multiple available kernels, 
such as RBAC,gresec etc. I guess the demand is simply not too great.

I filed a request for smack inclusion some time back and it was  attempted too 
but it did not play well with some other things. I guess it will take some 
time before it is mature enough.
-- 
Regards 
 Shridhar