Re: Bastille linux : secure linux distribution
Le Thu, Jun 03, 1999 at 07:51:55PM -0400, Branden Robinson écrivait:
> Debian *CAN* support multiple patches per package *IF* the maintainer
> chooses to do things that way. My proof?
> apt-get source xfree86-1
> (This implementation of source handling is thanks to Adam Heath.)
I'll mail him. :-)
> That leaves us with point 6, which is a vigorous topic of discussion among
> the Debian developers. Wonder of wonders, people are even coming up with
> CODE to implement it.
Yes but we're still far away from an automatic installation...
> It doesn't look like they've taken a very close look at Debian at all,
> since half their list of reasons are blatant falsehoods, and an additional
> third are not even criteria based on technical merit.
These 6 points are reasons for choosing RedHat not reasons for not
choosing Debian. ;-) They mentionned Debian in their full announce
as one of the primary distribution with which they'd like to share
fixes and so on :
This brings up the question of our relationship with other
distributions. I doubt that Red Hat will be interested in much of our
work, but I intend to keep in communication with them, especially on
security-related issues. Although our distribution is not going to be
based on Debian, we are working from a common code base, for the most
part, and I would like to share fixes with them directly.
BTW bastille-linux is not the only project of secure linux distribution :
kha0s Linux and the (as-yet-unnamed) Secure Linux distribution project
coordinated by Le Reseau just starting development and aimed squarely at
servers, and to build it from the ground up. This is a very important
project, but it differs from ours in that our system is intended for
general use by a relatively unschooled public. We plan on closely
coordinating with the project hosted by Le Reseau (refereed by Rik van
Riel) as much as possible. The kha0s Linux project appears to be
dormant, but we will attempt to coordinate with them as well.
Several other groups, including the TrinityOS folk, Chris Schanzle's
group at NIST, and Kurt Seifried's Rebar for RedHat project have all
done work on securing Red Hat Linux-based distributions. Those folk are
all (I believe) on the list, and I look forward to integrating their
work into our own. Mr. Seifried in particular has suggested that we
merge our efforts, and we look forward to his participation in our
And I've read (I can't remember where) that the 'as-yet-unnamed' distrib
will be based on Debian. But I may be wrong.
Hertzog Raphaël >> 0C4CABF1 >> http://prope.insa-lyon.fr/~rhertzog/