[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [suse-security] Old question: what is SUSE going to do with harden_suse / Bastille
On Saturday 25 October 2003 16:19, Bo Jacobsen wrote:
> I agree 100%. They need an install option named firewall, or some thing
> like that, that leaves out ANY stuff that should not run on a firewall. I
> actually find it a little strange that they have not implemented that a
> long time ago, since security has been a hot topic for a long time now.
Why not quite simply try out OpenBSD if you want to use a machine as a
firewall? Security patches for OpenBSD are source only, so in your case you
would need a second computer for making binaries for your firewall. I'm quite
sure that quite a few readers on this mailinglist runs heterogenous networks.
> The normal SuSE installation even have world-read
> permission on all files in /root !!!. I find that more then a little open.
The directory /root is readable only by root, unless you changed it's
> Actually, SuSE's lack of priority on basic system secutity tools, has
> forced me to start looking at other systems like FreeBSD etc.
I'm not quite sure what you mean by "lack of priority on basic system secutity
tools" in SuSE. SuSE does a quite a decent job in this respect. And if you
need a more recent version of, say, nmap, the "make" is still available.
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here