secure by default distros
From: E. Ratliff (ratliff@polaris.net)Date: 09/25/01
- Previous message: Ryan W. Maple: "Re: Secure Linux?"
- Next in thread: Patrick Duane Dunston: "Re: secure by default distros"
- Reply: Patrick Duane Dunston: "Re: secure by default distros"
- Reply: dukun: "Re: secure by default distros"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 25 Sep 2001 16:30:52 -0400 (EDT) From: "E. Ratliff" <ratliff@polaris.net> To: "'security-discuss@linuxsecurity.com'" <security-discuss@linuxsecurity.com> Subject: secure by default distros Message-ID: <Pine.GS4.4.00.10109251627020.28678-100000@polaris.net>
> THat goes back to the discusson of no OS is 100% secure because, correct
> me if I am wrong, but StackGuard and FormatGuard doesn't seem to protect
> against a web directory traversal, for example. Or does it?
StackGuard and FormatGuard don't but SubDomain might. SubDomain does
permissions per process rather than per user so the damage that is caused
by a web directory traversal is limited to what the process is allowed to
do.
I didn't mean to indicate that Immunix doesn't set secure defaults, I'm
just not entirely sure that they do. And I do agree with the prevailing
view on the list that security is almost entirely in the hands of the
administrator, no matter what the distribution.
Emily
------------------------------------------------------------------------
To unsubscribe email security-discuss-request@linuxsecurity.com
with "unsubscribe" in the subject of the message.
- Previous message: Ryan W. Maple: "Re: Secure Linux?"
- Next in thread: Patrick Duane Dunston: "Re: secure by default distros"
- Reply: Patrick Duane Dunston: "Re: secure by default distros"
- Reply: dukun: "Re: secure by default distros"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
