rPath Linux update and security information
Posted Nov 21, 2008 15:19 UTC (Fri) by michaelkjohnson
In reply to: rPath Spurs Operating System Evolution with Ubuntu, CentOS Support
Parent article: rPath Spurs Operating System Evolution with Ubuntu, CentOS Support
No, scared me away as somebody who looked at it to run in a small business. Basically, I couldn't find any good information about security, updates, proactive hardening, etc.
I'm sorry that this information was hard to find; it hasn't been our intention to make it so. Our rPath Linux page describes how to find information about maintenance and security updates. Linux Weekly News itself does include rPath's advisories in its security update summaries, and rPath maintains mailing lists dedicated to only security-related updates and for all updates, both general maintenance and security-related for the convenience of our users. We also summarize changes with links to our advisories on a per-product basis; for example rPath Linux 2 Changes, and all of our advisories carry a permanent URL providing the text of the advisory.
"Proactive hardening" can mean multiple things. rPath Linux 2 has been built using --fstack-protector and FORTIFY_SOURCE=2. It does not include SELinux. I'd be glad to answer further more specific questions.
Returning to the topic of the post to which these comments are attached, there is mailing list that promulgates CentOS advisories as they are incorporated into the rBuilder repository which contains the packages for CentOS 5 Delivered by rPath.
to post comments)