Re: Debian secure by default?
On Sat, 17 May 2008 08:23:41 -0700
Mike Bird <mgb-debian@yosemite.net> wrote:
> On Sat May 17 2008 02:32:29 Rico Secada wrote:
> > I am not saying that Debian isn't secure per say, but things like
> > removing SUID and SGID from files where they generally aren't
> > needed as default imho is better. If someone needs SUID then he has
> > to set it.
> >
> > Locating what files that it is generally safe to remove SUID and
> > SGID from isn't that easy.
>
> Agreed.
>
> That's why, unless you have a lot of time and experience, it's much
> more secure to run a major distribution that has been reviewed by many
> people rather than trying to make all of these decisions yourself.
>
> If you should ever find a security problem with Debian, please be sure
> to let us know via a channel appropriate to the level of the problem.
I am sorry but I had gotten my hands on a document with some outdated
information about some default tools being unsafe with Debian because
they had SUID set.
Sorry all.
> --Mike Bird
>
>
> --
> To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
>
>
Reply to: