Bug#81118: base: Wishlist: High security base system (or separate add-on package)
Arthur Korn wrote:
> Joey Hess schrieb:
> > If it is a daemon that binds to a port, and it doesn't have "secure" in its
> > name or "encryption" in its description, it's gotta be insecure.
> Debians minimal system (what's called 'standard') is to fat.
> Regardless of how secure it is, many boxes just don't need the
> portmapper or a telnet _daemon_ (I don't mind about the client,
> I prefer netcat though). The minimal system should really be
> minimal, let dependencies do the rest.
What? I'd like to be sure to have a telnet daemon fixed in when I do
an installation over network. What will you gain by excluding telnet
daemon other than satisfying some security paranoid out there? Raving
for a few kb's?
The only way to be really secure is to blow up your computer, and send
the pieces into deep space.
Eray (exa) Ozkural
Comp. Sci. Dept., Bilkent University, Ankara