[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: The secure distribution listing

To: securedistros@nl.linux.org
Subject: Re: The secure distribution listing
From: ari <edelkind-securedistros@episec.com>
Date: Fri, 30 Nov 2001 12:19:54 -0500
In-Reply-To: <E04CF3F88ACBD5119EFE00508BBB2121974CD5@exch-01.noida.hcltech.com>; from dkumar@noida.hcltech.com, To securedistros@nl.linux.org
List-archive: <http://mail.nl.linux.org/securedistros/>
List-help: <mailto:listar@nl.linux.org?Subject=help>
List-owner: <mailto:riel@nl.linux.org>
List-post: <mailto:securedistros@nl.linux.org>
List-software: Listar version 1.0.0
List-subscribe: <mailto:securedistros-request@nl.linux.org?Subject=subscribe>
List-unsubscribe: <mailto:securedistros-request@nl.linux.org?Subject=unsubscribe>
Mail-Followup-To: ari <edelkind-securedistros@episec.com>,securedistros@nl.linux.org
Original-Recipient: rfc822;securedistros-archive@nl.linux.org
References: <E04CF3F88ACBD5119EFE00508BBB2121974CD5@exch-01.noida.hcltech.com>
Reply-to: securedistros@nl.linux.org
Sender: securedistros-bounce@nl.linux.org
User-Agent: Mutt/1.2.5i

dkumar@noida.hcltech.com said this stuff:

[...]
> I have looked at SELinux by NSA and a example policy configuration by NAI
> Labs. The overall stuff is quite impressive. I am agree with the fact that
> no distro can be secure for sure untill it secures the kernel (i mean uses
> the security patches for kernel like LIDS and MAC etc). Some of distros like
> Engarde and Kaladix etc. include these features also. Can we list the
> essential/desired security features in a secure distro ??

I began a document some time ago with this very purpose in mind -- to list
the _minimum_ security requirements for general unix-related distributions.
It can be found at:

	http://www.episec.com/documents/sdg/unix-sdg.html

I wrote the information listed there in a couple of hours, and it is far
from complete.  Unfortunately, i haven't had the freedom to work on it in
the past number of months.  I welcome criticism and contributions.  In the
future, i hope to turn this into a whitepaper; all contributors will be
credited.

To ease discussion, relevant replies should ideally be sent to the list.

ari

[...]


--
.----------------------------- ari ------------------------------.
 Chief of Technical Operations             edelkind[at]episec.com
 Epi Security Industries [Episec, Inc.]        New York, NY [USA]
                                                   www.episec.com
`-------------- internet security for the paranoid --------------'

--
Securedistros: A common list for all secured Linux distributions
Archive:       http://mail.nl.linux.org/securedistros/

References:
- RE: The secure distribution listing
  - From: Deepak Kumar Gupta <dkumar@noida.hcltech.com>

Prev by Date: =?GB2312?Q?net114(=CD=F8=C2=E7114)?=
Prev by thread: RE: The secure distribution listing
Next by thread: =?GB2312?Q?net114(=CD=F8=C2=E7114)?=
Index(es):
- Date
- Thread