Mailinglist Archive: opensuse-security (601 mails)

< Previous Next >
Re: [suse-security] SuSE security reputation, etc..
  • From: David T-G <davidtg@xxxxxxxxxxx>
  • Date: Wed, 2 Aug 2000 14:46:35 -0400
  • Message-id: <20000802144635.A25203@xxxxxxxxxxxx>
Hi, all --

...and then rhoerbe@xxxxxxxxxxxxxxxx said...
...
% Moody seems to be on the MS payroll.

Yep. Blindingly so :-)


%
% On the other side, Linux distributors could do even better. My wishlist
% for Suse:
% - configure security level (like harden_suse questions) with yast, and
% make it more granular.

Great idea.


% - by default, no shell user should be allowed to log in to ftp/telnet/pop
% using the same password or at all

Here's what throws me. I understand you to say that the default should
be for a console-only system. Is that what you meant?? I also don't
know what you mean by "same password"...


% - have an installation option, that compares installed packages versus
% ftp.suse.com and lists known vulnerabilites and available fixes, and does
% updates on request

That would be nice, too :-)


%
% I think, that a lot of security can be gained my making defaults more
% secure, or easy, selectable installation options. Few systems get the
% attention, that they should ..

Yep. Few users, me included, even know all of the places to look, much
less have the time to go and get updated packages and install them and
make sure they really don't break anything else...


%
% Rainer
%
%
%
%
% Frank Hart <frhart@xxxxxxx>
% Sent by: hart@xxxxxxxxxxxxxxxxxxxxxxxx
% 02.08.00 20:31
%
%
% To:
% cc: suse-security@xxxxxxxx
% Subject: Re: [suse-security] SuSE security reputation, etc..
%
% Len Rose wrote:
%
% > http://www.abcnews.go.com/sections/tech/FredMoody/moody.html
% > It really sucks that SuSE wasn't even mentioned.
%
% What really sucked was that this article is a total piece of crap. Based
% on the number of vulnerability's mr. Moody qualified a total OS. Also he
% adds the vulnerabilities of every linux distro but that is nonsence,
% cause there's a big chance a vulnerablility found in eg RedHat also
% affects SuSE.
%
% --
% SuSE Linux 6.4 -o) | Like the ski resort of girls looking for
% Kernel 2.2.16 /\ | husbands and husbands looking for girls, the
% on a i686 _\_v | situation is not as symmetrical as it might
% mailto:frhart@xxxxxxx | seem. -- Alan McKay
%
% ---------------------------------------------------------------------
% To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
% For additional commands, e-mail: suse-security-help@xxxxxxxx
%
%
%
%
%
%
% ---------------------------------------------------------------------
% To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
% For additional commands, e-mail: suse-security-help@xxxxxxxx


:-D
--
David T-G * It's easier to fight for one's principles
(play) davidtg@xxxxxxxxxxx * than to live up to them. -- fortune cookie
(work) davidtgwork@xxxxxxxxxxx
http://www.bigfoot.com/~davidtg/ Shpx gur Pbzzhavpngvbaf Qrprapl Npg!
The "new millennium" starts at the beginning of 2001. There was no year 0.
Note: If bigfoot.com gives you fits, try sector13.org in its place. *sigh*

< Previous Next >
References