Re: Proposed: task-secure-system package
Hi,
Quoting Russell Coker (russell@coker.com.au):
<packages that check for old/buggy versions of programs>
> I think that it would be good if there was a task-secure-system package
> for Debian that did this.
I have been thinking about this, and think it would be cool. Checking for
old/buggy versions of programs is probably not useful, as a
security.debian.org apt-rule would've fixed that in the next upgrade. At
upgrade-time the task-secure-system package would get to know about the
old/buggy programs, but that would be too late as they're being upgraded at
that moment anyways ;)
What i _would_ like is a set of packages that make alterations of
configurations/configuration files (i.e. clean up /etc/inetd.conf, tighten
permissions, disallow remote-root ssh logins etc.).
If you pull this a bit further, things like 'task-firewall-masq' (would set
up a basic masq box to do masquerading/firewalling trough a debconf
interface) come to mind.
I would like to work on stuff like this, but probably can't find the time to
do this by myself ;)
Greets,
Robert
--
| rvdm@cistron.nl - Cistron Internet Services - www.cistron.nl |
| php3/c/perl/html/c++/sed/awk/linux/sql/cgi/security |
| My statements are mine, and not necessarily cistron's. |
Despite all appearances, your boss is a thinking, feeling, human being.
Reply to: