On Saturday 25 October 2003 16:19, Bo Jacobsen wrote:
I agree 100%. They need an install option named firewall, or some thing like that, that leaves out ANY stuff that should not run on a firewall. I actually find it a little strange that they have not implemented that a long time ago, since security has been a hot topic for a long time now.
Why not quite simply try out OpenBSD if you want to use a machine as a firewall? Security patches for OpenBSD are source only, so in your case you would need a second computer for making binaries for your firewall. I'm quite sure that quite a few readers on this mailinglist runs heterogenous networks.
The normal SuSE installation even have world-read permission on all files in /root !!!. I find that more then a little open.
The directory /root is readable only by root, unless you changed it's permissions.
Actually, SuSE's lack of priority on basic system secutity tools, has forced me to start looking at other systems like FreeBSD etc.
Bo
I'm not quite sure what you mean by "lack of priority on basic system secutity tools" in SuSE. SuSE does a quite a decent job in this respect. And if you need a more recent version of, say, nmap, the "make" is still available. /Sigfred