-----Original Message----- From: Crispin Cowan [mailto:crispin@novell.com] Sent: 14 December 2005 11:16 To: Bruno Cochofel Cc: Markus Gaugusch; suse-security@suse.com Subject: Re: [suse-security] Re: Openssh + security
Bruno Cochofel wrote:
Well, I'm running X. I'm a home user and the "server" it's also my PC so I have to use it. I'm also running xscreensaver and aMule (this one all the time). Maybe this is bad!!!
Er, yeah, this is bad.
A firewall machine for a home really does not need much power. You can go buy a crappy old computer and make it be your firewall, and keep the good one for your workstation.
I actually do run X on my gateway, but only because I like the GUI tools like YaST. To make it safe(er), I have carefully ensured that all of X is not talking to the network. AppArmor makes this a bit easier :)
But but but... yast works really well in text mode! Me, I do without X entirely. Some of my boxes just won't like the exra load :-( Heh, why does it not surprise me that you are pro AppArmour? Tom. -- Thomas Knight System Administration Officer Arts and Humanities Data Service http://www.ahds.ac.uk