[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#81118: base: Wishlist: High security base system (or separate add-on package)



On Thu, Jan 04, 2001 at 11:37:08AM +0100, Christian Kurz wrote:
> 
> Well, I'm not sure if downgrading would be a good idea, but changing the
> postinst-script should be easier to do as this would part of it would be
> very generic and could be used in other scripts via cut&paste too.

perhaps, but for the most part daemons packaged in debian are not
priority standard and thus not installed by default.  the decision to
install the daemon should imply the desire to run it IMO.  for some
cases i agree there should probably be a question, especially daemons
that outright require admin configuration before being useful anyway.
i just think a trend of daemons when installed asking whether the
admin really wanted to install and use it would be rather annoying.  

i prefer to not enable daemons by not installing them.  

> So rpc.statd still get's started even if it's not used?

yes, so long as portmap is started, which it is by default.  lockd is
started if needed/supported.  

> Hm, why must it be downgraded? Is the priority to high currently to
> remove it from the standard-installation? 

its priority standard i presume, which unless dselect/tasksel is
changed means it will be installed and started by default.  that can
either be solved by ya postinst/debconf question or by lowering its
priority to make the admin install it if they need it.  

the whole priority standard thing is really sticky, its supposed to
create a basic command line system that a *nix guy will be comfortable
with and not find much missing that triggers a `wtf!' the thing is
nobody can agree on exactly what that is. (ie does it include emacs or
not, does it include TeX or not?, does it include nfsd or not? does it
include telnetd or not?......)

> > would be.  (more then likely a big flamewar where all propronants are
> > called incompetant morons)
> 
> Well, I'm not sure if this will really be a flamewar, since the security
> holes in portmap and nfs have been obvious and visible for everyone, so

don't be so sure, i recently saw someone on -devel get yelled at for
saying portmap is not secure.  

> to increase our security and make debian also the choice for
> security-aware people. I think this approach would fit to debian's image
> fine.

i would hope so.  i really don't see any reason why a default
installation has to run things like portmap and statd by default.
OpenBSD doesn't and it doesn't seem to hurt them any. 

-- 
Ethan Benson
http://www.alaska.net/~erbenson/

Attachment: pgpiv7xvPgMzB.pgp
Description: PGP signature


Reply to: