[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Second draft of Woody release notes

On Thu, Nov 01, 2001 at 06:56:58PM +0100, Javier Fernández-Sanguino Peña wrote:
> "Debian 3.0 is much more secure that previous releases. The base installation provides
> less unnecessary services that might be the target of attack, likewise Debian 3.0

is there anything other then telnet turned off by default now?  if not
i don't think this is worth mentioning.  particularly since nfs-common is
still installed and run by default.  (it has probably the poorest
security history of any of the standard services).

> includes many more security applications, tasks like firewall administration, 
> server hardening and intrusion detection. The packaging system has also been improved 
> with the automatic check of digital signatures, thus, it will refuse to install
> packages downloaded from Debian that do not verify correctly, limiting the possibility
> of troyan installation and making it easie for systems to automatically upgrade

does it?  the capability is there, but packages are not signed, nor
verified by default.  or has this changed so silently that i haven't noticed?

Ethan Benson

Attachment: pgp7_L6faq8N8.pgp
Description: PGP signature

Reply to: