Package: wnpp
X-Debbugs-CC: deskt...@secure-os.org
* Package name: paxrat
Version : 1
Upstream Author : David McKinney <mckinney@subgraph>
* URL : https://github.com/subgraph/paxrat
* License : GPLv3
Programming Lang: Go
Description : PaX exception daemon for Debian packages.
The newly packaged grsec kernel makes it easier for anyone to run a more
secure kernel. However some major packages like Iceweasel/Tor Browser,
JIT interpreters and main components of Gnome and KDE require PaX
exceptions because they are not compatible with memory protection
features of the enhanced kernel.
Paxrat from the SubgraphOS project is a daemon that maintains and
applies rules from an exception list. It has dpkg hooks for taking care
of binaries even when updated. [2]
Paxrat is implemented in GoLang and is simple to use.
Also a Grsecurity kernel maintainer is interested to have paxrat
packaged. [1]
Please consider packaging it forJessie-backports too to compliment the
backported linux-grsec package for stable installations.
[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605090#487
[2]
https://github.com/subgraph/paxrat/blob/master/etc/apt/apt.conf.d/70paxrat