Re: Is this mail list dead?

[Rik van Riel <riel@conectiva.com.br>]

On Mon, 12 Mar 2001, Tracy R Reed wrote:

> Unfortunately, not many distros seem interested in security in
> general. It's giving Linux a bad name.

Unfortunately, indeed.  I'll have to thank Andreas
Hasenack for being stubborn and not allowing unneeded
insecurities into our distro ... ;)

- no services (except identd) in inetd.conf by default,
  inetd not running
- OpenSSL / OpenSSH installed by default
- apache's httpd.conf has ssl configured
- FreeS/WAN in the kernel
- apt-get w/ GPG signed packages (for easy and secure
  upgrading when a security hole is found)

I hope other mainstream distro's will copy some of these
things from Conectiva (though I guess the crypto stuff may
be difficult for US companies) and make Linux as a whole
more secure...

Is there anything I've forgotten to mention, or are there
other things needed to make Linux distro's more secure without
impacting functionality or ease-of-use ?

regards,

Rik
--
Virtual memory is like a game you can't win;
However, without VM there's truly nothing to lose...

		http://www.surriel.com/
http://www.conectiva.com/	http://distro.conectiva.com.br/

-
Securedistros: A common list for all secured Linux distributions
Archive:       http://humbolt.nl.linux.org/lists/