Bug#81118: base: Wishlist: High security base system (or separate add-on package)

To: Anthony Towns <aj@azure.humbug.org.au>, 81118@bugs.debian.org
Subject: Bug#81118: base: Wishlist: High security base system (or separate add-on package)
From: Joey Hess <joeyh@debian.org>
Date: Thu, 4 Jan 2001 11:32:48 -0800
Message-id: <20010104113248.E21475@silk.kitenet.net>
Reply-to: Joey Hess <joeyh@debian.org>, 81118@bugs.debian.org
In-reply-to: <20010104222412.B6266@azure.humbug.org.au>; from aj@azure.humbug.org.au on Thu, Jan 04, 2001 at 10:24:13PM +1000
References: <200101030815.f038Fhb02014@away.lingsoft.fi> <20010103105837.B6915@home.debsupport.de> <20010103195058.F641@seteuid.getuid.de> <20010104003316.F29805@plato.local.lan> <20010104104046.C18474@bofh.de> <20010104010227.H29805@plato.local.lan> <20010104113708.A23730@bofh.de> <20010104023556.K29805@plato.local.lan> <20010104130934.A23972@bofh.de> <20010104222412.B6266@azure.humbug.org.au>

Anthony Towns wrote:
> Oh, and for reference, portmap hasn't has a security update forever
> while I've been maintaining it. Heck, there don't seem to have been any
> changes to portmap since 1997. But hey, feel free to make the traditional
> baseless accusations of insecurity, whatever.

If it is a daemon that binds to a port, and it doesn't have "secure" in its
name or "encryption" in its description, it's gotta be insecure.

(Or at least some people seem to think so; ignoring all the clients
which they don't realize _also_ bind to ports; ignoring the propensity
of programs that have "secure" in their name to be anything but;
ignoring how hard encryption is to get right; and ignoring much more
risky things like suid binaries, binary-only programs, and typically-buggy
cgi scripts. :-P)

BTW there are secure uses of telnet. telnet to 'kitenet.net' and log in
as 'beer' (no password) for one of them.

-- 
see shy jo

Reply to:

Follow-Ups:
- Bug#81118: base: Wishlist: High security base system (or separate add-on package)
  - From: Arthur Korn <arthur@korn.ch>

References:
- Bug#81118: base: Wishlist: High security base system (or separate add-on package)
  - From: era eriksson <era@iki.fi>
- Bug#81118: base: Wishlist: High security base system (or separate add-on package)
  - From: Michael Bramer <grisu@debian.org>
- Bug#81118: base: Wishlist: High security base system (or separate add-on package)
  - From: Christian Kurz <shorty@debian.org>
- Bug#81118: base: Wishlist: High security base system (or separate add-on package)
  - From: Ethan Benson <erbenson@alaska.net>
- Bug#81118: base: Wishlist: High security base system (or separate add-on package)
  - From: Christian Kurz <shorty@debian.org>
- Bug#81118: base: Wishlist: High security base system (or separate add-on package)
  - From: Ethan Benson <erbenson@alaska.net>
- Bug#81118: base: Wishlist: High security base system (or separate add-on package)
  - From: Christian Kurz <shorty@debian.org>
- Bug#81118: base: Wishlist: High security base system (or separate add-on package)
  - From: Ethan Benson <erbenson@alaska.net>
- Bug#81118: base: Wishlist: High security base system (or separate add-on package)
  - From: Christian Kurz <shorty@debian.org>
- Bug#81118: base: Wishlist: High security base system (or separate add-on package)
  - From: Anthony Towns <aj@azure.humbug.org.au>

Prev by Date: Re: Winmodem test disk
Next by Date: FW: Right SPARC 2.2.20 floppies on the Debian web site?
Previous by thread: Bug#81118: base: Wishlist: High security base system (or separate add-on package)
Next by thread: Bug#81118: base: Wishlist: High security base system (or separate add-on package)
Index(es):
- Date
- Thread