[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Security through paranoia 2, with proposal...

On Sun, Apr 01, 2001 at 11:56:16AM +0200, Tollef Fog Heen wrote:
> * Jan Niehusmann 
> | Package: apache
> | Depends: apache-non-ssl | apache-ssl
> | 
> | Package: task-hardened
> | Conflicts: apache-non-ssl

> Which I believe is wrong, as most of the web traffic isn't sensitive
> at all, if somebody listens in on me downloading the newspaper, so be
> it.  So, imho, it shouldn't conflict with normal apache.  It might

I didn't mean to imply that apache-ssl should be a part of task-hardened. 
It was just an example - probably a bad one. The point is that if we 
need some depend-if-constructs, the above is a way to implement
them without changes to the control file syntax.

In fact, I don't think apache-ssl has anything todo with a hardened system. 
Normally, having an ssl capable webserver doesn't make hacking the system
harder.

Jan

-- 
OpenPGP-signierte bzw. -verschlüsselte Mail erwünscht
EMail-Key: 1024D/F12DA065 (=> Keyserver oder auf Anfrage)
Reply to: