Re: Security through paranoia 2, with proposal...
On Sun, Apr 01, 2001 at 11:56:16AM +0200, Tollef Fog Heen wrote:
> * Jan Niehusmann
> | Package: apache
> | Depends: apache-non-ssl | apache-ssl
> |
> | Package: task-hardened
> | Conflicts: apache-non-ssl
> Which I believe is wrong, as most of the web traffic isn't sensitive
> at all, if somebody listens in on me downloading the newspaper, so be
> it. So, imho, it shouldn't conflict with normal apache. It might
I didn't mean to imply that apache-ssl should be a part of task-hardened.
It was just an example - probably a bad one. The point is that if we
need some depend-if-constructs, the above is a way to implement
them without changes to the control file syntax.
In fact, I don't think apache-ssl has anything todo with a hardened system.
Normally, having an ssl capable webserver doesn't make hacking the system
harder.
Jan
--
OpenPGP-signierte bzw. -verschlüsselte Mail erwünscht
EMail-Key: 1024D/F12DA065 (=> Keyserver oder auf Anfrage)
Reply to: