Bug#605090:

For those following along at home, I would suggest booting the grsec enabled kernel once - then saving the output of `sudo lsmod` into a file. Take every module you want (ie: all of them) and put the list into /etc/initramfs-tools/modules - then you'll need to run `dpkg-reconfigure

Bug#605090:

On 12/21/15, Mickaël Salaün <m...@digikod.net> wrote: > On 21/12/2015 00:14, Jacob Appelbaum wrote: >> I was left with: >> >> [ 1802.373906] grsec: denied untrusted exec (due to not being in >> trusted group and file in non-root-owned directory) of >> /run/

Bug#605090:

I'm also running this kernel with AppArmor and it seems to work without issue. I followed the steps on https://wiki.debian.org/AppArmor/HowToUse which sets "apparmor=1 security=apparmor" on the kernel command line as documented: sudo perl -pi -e

Bug#605090:

To make my Debian Jessie system work with pax, I had to set pax flags for these three binaries: paxctl -c -m /usr/bin/gnome-shell paxctl -c -m /usr/bin/gnome-session paxctl -c -m /usr/bin/pulseaudio If you don't want to modify the binary, you can also set the attributes in the file system:

Bug#605090: [RFC] Proposal for a new linux-grsec source package

It may make sense for us to have a package of paxrat with common configurations for Debian users: https://github.com/subgraph/paxrat This would ensure that everyone can use this kernel and have xorg work as expected, for example. Otherwise, I think we will see a lot of people who just run:

Bug#605090: [RFC] Proposal for a new linux-grsec source package

On 12/19/15, Yves-Alexis Perez wrote: > On jeu., 2015-11-05 at 22:08 +0100, Yves-Alexis Perez wrote: >> On sam., 2015-10-10 at 21:55 +0200, Yves-Alexis Perez wrote: >> > This is really a work in progress and this mail a request for comment. >> > Especially missing is: >> >> So,

Bug#605090: [RFC] Proposal for a new linux-grsec source package

On 12/19/15, Jacob Appelbaum <ja...@appelbaum.net> wrote: > On 12/19/15, Yves-Alexis Perez <cor...@debian.org> wrote: >> On jeu., 2015-11-05 at 22:08 +0100, Yves-Alexis Perez wrote: >>> On sam., 2015-10-10 at 21:55 +0200, Yves-Alexis Perez wrote: >>&

Bug#741668:

Package: wnpp Severity: wishlist Owner: Jacob Appelbaum ja...@appelbaum.net * Package name: novena-eeprom Version : v1.0 Upstream Author : Sean Cross * URL : https://github.com/xobs/novena-eeprom/ * License : BSD Programming Lang: C Description : novena

Bug#741677: ITP: blockfinder -- enumerates network information for countries

Package: wnpp Severity: wishlist Owner: Jacob Appelbaum ja...@appelbaum.net * Package name: blockfinder Version : v1.0 Upstream Author : Jacob Appelbaum * URL : https://github.com/ioerror/blockfinder/ * License : BSD-2-Clause Programming Lang: Python

Bug#740738: ITP: golang-xmpp-dev -- pure Golang xmpp client implementation

Package: wnpp Severity: wishlist Owner: Jacob Appelbaum ja...@appelbaum.net * Package name: golang-xmpp-dev Version : 0.0~20140304-1 Upstream Author : Adam Langley a...@imperialviolet.org * URL : http://www.github.com/agl/xmpp * License : BSD Programming Lang

Bug#740741: ITP: xmpp-client -- console XMPP client written in pure Go.

Package: wnpp Severity: wishlist Owner: Jacob Appelbaum ja...@appelbaum.net * Package name: xmpp-client Version : 0.1~20140304-1 Upstream Author : Adam Langley a...@imperialviolet.org * URL : http://www.github.com/agl/xmpp * License : BSD Programming Lang

Bug#740364: ITP: orchid -- a tor client implementation and library written in pure java

Package: wnpp Severity: wishlist Owner: Jacob Appelbaum ja...@appelbaum.net * Package name: liborchid-java Version : 1.0 Upstream Author : Bruce Leidl br...@subgraph.com * URL : http://www.subgraph.com/orchid.html * License : BSD Programming Lang: Java

Bug#699107: Package uploaded

I've uploaded a package - including the suggested VCS packaging details - it is now in the new queue waiting for review by the Great Debian Packaging Review Overlords: https://ftp-master.debian.org/new.html https://ftp-master.debian.org/new/torbirdy_0.1.2-1.html I've also updated a related

Bug#705177: ITP: torbrowser-launcher -- A program to help you download, keep updated, and run the Tor Browser Bundle

Package: wnpp Severity: wishlist Owner: Jacob Appelbaum ja...@appelbaum.net * Package name: torbrowser-launcher Version : 0.0.1 Upstream Author : Micah Lee micahf...@riseup.net * URL : https://github.com/micahflee/torbrowser-launcher * License : BSD

Bug#699107: ITP: TorBirdy -- configures Mozilla birds for use with Tor

Package: wnpp Severity: wishlist Owner: Jacob Appelbaum ja...@appelbaum.net * Package name: torbirdy Version : 0.0.13 Upstream Author : Jacob Appelbaum ja...@appelbaum.net * URL : https://www.github.com/ioerror/torbirdy * License : BSD Programming Lang

Bug#681000: ITP: tlsdate -- secure parasitic rdate replacement

Package: wnpp Severity: wishlist Owner: Jacob Appelbaum ja...@appelbaum.net * Package name: tlsdate Version : 0.0.1 Upstream Author : Jacob Appelbaum ja...@appelbaum.net * URL : https://www.github.com/ioerror/tlsdate * License : BSD Programming Lang: C

Bug#495416: ITP: AESKeyFinder -- A tool for finding and reconstructing AES keys.

Package: wnpp Severity: wishlist Owner: Debian Forensics [EMAIL PROTECTED] * Package name: AESKeyFinder Version : 1.0.0 * URL : http://citp.princeton.edu/memory/code/ * License : BSD Programming Lang: C Description : A tool for finding and repairing AES

Bug#495418: ITP: RSAKeyFinder -- A tool for locating RSA private and public keys.

Package: wnpp Severity: wishlist Owner: Debian Forensics [EMAIL PROTECTED] * Package name: RSAKeyFinder Version : 1.0.0 * URL : http://citp.princeton.edu/memory/code/ * License : BSD Programming Lang: C++ Description : A tool for locating RSA private and

Bug#495422: ITP: biosmemimage -- Tools for capturing memory dumps on x86 and x86-64 systems

Package: wnpp Severity: wishlist Owner: Jacob Appelbaum [EMAIL PROTECTED] * Package name: biosmemimage Version : 1.0.0 * URL : http://citp.princeton.edu/memory/code/ * License : BSD Programming Lang: C Description : Tools for capturing memory dumps on x86

Bug#495422: ITP: biosmemimage -- Tools for capturing memory dumps on x86 and x86-64 systems

owner 495422 Debian Forensics [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#494043: ITP: ozymandns -- An experimental DNS server and miscellaneous DNS tools

Package: wnpp Severity: wishlist Owner: Jacob Appelbaum [EMAIL PROTECTED] * Package name: ozymandns Version : 0.0.1 Upstream Author : Dan Kaminsky [EMAIL PROTECTED] * URL : http://www.doxpara.com/ozymandns_src_0.1.tgz * License : (Currently consulting