[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: hurd does NOT need /hurd

On Mon, May 20, 2002 at 12:57:05PM -0700, Thomas Bushnell, BSG wrote:
> 
> John Robinson went further, however, saying that if it isn't provided,
> the system can't be said to have any security at all.

I DID NOT!   what i did say (and i quote myself here) is:

Message-ID: <[🔎] 20020520180124.GB11058@ucsd.edu>

Debian (using a linux, bsd, or gnumach/l4 (micro)kernel) should be
``Secure by default.'' if this means that no firewalling -> no debian
release, then so be it.


note the ``if this means''   firewalling on the host is -almost- useless
(but not quite). if our default kernels are not compiled with ipchains/
iptables/ipfwadm, then that is a problem, and needs to be addressed.

if we install and enable ``unsecure'' services in the default install
(base+standard), then this is a *major* problem and needs to be fixed.

i said that that debian needs to be secure by default. i read that to
mean: no unsecure services run by default.

this means no telnet, no authenticated ftp, no sendmail (sorry, i don't
trust sendmail), or any other plain-text password protocol (apop is
okay, pop3 is not. pop over SSL is preferred)

--if that means-- means -> if the release manager sez that it shall
have firewalling (i read that to mean: iptables/ipchains/ipfwadm/
whatever available), then firewalling it shall have.

	or, in other words: that is not a decision i can unilaterally
	make. i beleive that the default install should have firewalling
	in the kernel, and the userland tools to manipulate the rules.
	(firewalling is _available_). i do not beleive this to mean that
	we include ultra paranoid scripts to close everything off. if
	those are available, fine, but there is no way i would consider
	the lack of paranoid scripts to be a showstopper


_please_ don't put words into my mouth, i am very good at doing it on my
own ;)

> Network firewalls in theory help with the problem of badly configured
> hosts.  Host-based firewalls don't help that at all.

the host based was addressed by the scenario of the spider installing a
rootshell listening on a high port. however, that also prevents things
like http clients to function, so it is almost useless.

my main point: i said Secure by default. i did not specify what that
meant, but added that if it meant a certain thing, then that is what it
means (perhaps i failed by not specifying _further_ what i meant, but i
have this opportunity to fix that ;)

-john

ps: i may not subscribe to -hurd, but i do subscribe to -devel, so no
    need to cc: me.  thanks.


-- 
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: