RE: The secure distribution listing

[Deepak Kumar Gupta <dkumar@noida.hcltech.com>]

> On Thu, Nov 29, 2001 at 08:40:01PM +0530, Deepak Kumar Gupta wrote:
> > I am giving the list of available secure distributions. The 
> list can be a
> > useful information for discussing the security issues in these
> > distributions.
> 
> After having been rooted via ssh (in-secure shell) recently I wouldn't
> consider any distro to be sure unless it implements some functionality
> like LIDS or SELinux. I have been playing with SELinux lately and I am
> very impressed. It is going on all of my important machines 
> going forward.
> Simply having sane security defaults won't cut it anymore.  
> Fortunately, a
> couple of the distros mentioned below utilize various 
> implementations of
> the Linux capabilities system (LIDS etc.)
> 

I have looked at SELinux by NSA and a example policy configuration by NAI
Labs. The overall stuff is quite impressive. I am agree with the fact that
no distro can be secure for sure untill it secures the kernel (i mean uses
the security patches for kernel like LIDS and MAC etc). Some of distros like
Engarde and Kaladix etc. include these features also. Can we list the
essential/desired security features in a secure distro ??

The first one is as given by Tracy: Secure distro must have secure kernel
patches like LIDS, MAC etc. (although the essential kernel security feature
listing is also too long).


> -- 
> Tracy Reed      http://www.ultraviolet.org
> ``The lyf so short, the craft so long to lerne.'' - Chaucer
> 
--
Securedistros: A common list for all secured Linux distributions
Archive:       http://mail.nl.linux.org/securedistros/