security
Is anyone here running a Debian system with no daemons running as root other
than init, inetd, and sshd, no SUID-root programs other than passwd, su, etc,
and generally having everything locked down as much as possible (chroot's for
daemons, etc)?
If so what kernel patches do you apply for security? What do you consider to
be the main area of weakness in your system security that needs to be
addressed? What needs to be done to improve the general Debian security?
Please CC me on any replies as I'm not subscribed. Please feel free to reply
by a private message (I will summarise responses without information on who
sent them to me and forward them to other interested people except where
requested to do otherwise).
I am interested in improving the general security of Debian and am involved in
some discussions as to what is the best way to do it. I am searching for
background data to help with this.
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
Reply to: