RE: Announcing Solaris Security Paper
From: Peter.Havens@Level3.comDate: 10/12/01
- Previous message: McAllister, Andrew: "RE: Tripwire output on Solaris 2.7"
- Maybe in reply to: Peter L. Ashford: "Announcing Solaris Security Paper"
- Next in thread: Matthew R. Potter: "RE: Announcing Solaris Security Paper"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Peter.Havens@Level3.com Message-ID: <7599F001C7F8D4118AAD0008C79199740170806A@N0239IDC1.oss.level3.com> To: ashford@SDSC.EDU, focus-sun@securityfocus.com Subject: RE: Announcing Solaris Security Paper Date: Fri, 12 Oct 2001 13:51:13 -0600
// -----Original Message-----
// From: Peter L. Ashford [mailto:ashford@SDSC.EDU]
// Subject: Announcing Solaris Security Paper
//
// Comments and/or suggestions are appreciated.
Hi,
At first glance, you're web page looks very useful. However, I noticed one
thing in skimming through it. Under the section
http://www.accs.com/p_and_p/SolSec/#Network, the paper states:
Disk Layout
This subject has no bearing on security...
I would disagree with this statement. First of all, you can make a file
system read-only and/or nosuid, and secondly you can contain file growth
(perhaps DOS issues are minor). Therefore, your disk layout does have a
bearing on security. Comments? Did I miss something by just skimming?
Peter Havens
Level 3 Communications
- Previous message: McAllister, Andrew: "RE: Tripwire output on Solaris 2.7"
- Maybe in reply to: Peter L. Ashford: "Announcing Solaris Security Paper"
- Next in thread: Matthew R. Potter: "RE: Announcing Solaris Security Paper"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
