[yocto] [meta-security-isafw] Introduction of new OE layer: start checking security of the images you are building!
Reshetova, Elena
elena.reshetova at intel.com
Thu Aug 27 13:57:10 PDT 2015
Hi everyone,
I would like to introduce to the Yocto community a new OE layer:
meta-security-isafw. The purpose of this layer is to enable analysis of
different security-related settings/configurations of the OS images that you
might be building, like being able to analyse packages for CVEs and
incompatible licenses, analyse the security options of your kernel config,
permissions of filesystem objects in the image filesystem root and etc.
The layer and the project behind it (isafw) is very new, so we are looking
forward for suggestions/requests on what kind of *security-related*
verification features you want to see in it.
Patches are also obviously very welcomed! :)
We will continue develop and improve the layer in meanwhile.
OE layer:
http://layers.openembedded.org/layerindex/branch/master/layer/meta-security-
isafw/
Direct repo link: https://github.com/01org/meta-security-isafw
The presentation of the isafw at last week's Linux Security Summit 2015:
http://kernsec.org/files/lss2015/reshetova.pdf
Best Regards,
Elena Reshetova
Intel Open Source Technology Center
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.yoctoproject.org/pipermail/yocto/attachments/20150827/4475e8d6/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 7586 bytes
Desc: not available
URL: <http://lists.yoctoproject.org/pipermail/yocto/attachments/20150827/4475e8d6/attachment.bin>
More information about the yocto
mailing list