On 12/6/2011 5:20 PM, Cristian Rodríguez wrote:
On 06/12/11 16:10, Brian K. White wrote:
Having a lot lot of stuff exposed and believing that it's all ok is fundamentally less secure than not exposing anything in the first place.
isn't that essentially "security through obscurity" (aka, path to fail ? )
Security through obscurity is an unrelated concept. Security through obscurity would be placing something in 666 file somewhere but just not telling anyone it's there and hoping no one thinks to look there. That has nothing to do with this. Not including or using features you don't actually need is a key part of an overall pattern of maximizing security. If you want a catch phrase, including unnecessary features and hoping they are all safe, or relying on some other layer of security elsewhere to prevent access to them is "eggshell security". -- bkw -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org