Emily Ratliff wrote:
Crispin Cowan wrote:
To be considered certified, it would have to be in the certified configuration. Installing a new application with an open network port violates that certification.
This is only true if it opens a port < 1024 or runs as root. If it is started as a non-root user, then a port can be opened. That's why running a webserver on port 8080 does not violate the certified configuration.
I'm not arguing against your main point, but it is not quite as bad as you state here. Thanks for clarifying. Its good to know that the certified configuration's restrictions make it less useless than I thought :-)
Crispin -- Crispin Cowan, Ph.D. http://crispincowan.com/~crispin/ Director of Software Engineering http://novell.com --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org