Re: The harden-*flaws packages.

To: debian-devel@lists.debian.org
Subject: Re: The harden-*flaws packages.
From: Ola Lundqvist <opal@debian.org>
Date: Mon, 2 Sep 2002 17:13:51 +0200
Message-id: <[🔎] 20020902151350.GA20173@chrystal.opal.dhs.org>
Mail-followup-to: Ola Lundqvist <opal@debian.org>, debian-devel@lists.debian.org
Reply-to: opal@debian.org
In-reply-to: <[🔎] 20020902150114.GA616@dat.etsit.upm.es>
References: <20020829123512.GA10477@chrystal.opal.dhs.org> <[🔎] 20020901211445.GA9589@finlandia.infodrom.north.de> <[🔎] 87bs7hqj67.fsf@cush.martinhouse.internal> <[🔎] 20020902064752.GA31841@chrystal.opal.dhs.org> <[🔎] 20020902130928.GE21391@dat.etsit.upm.es> <[🔎] 20020902140921.GA10797@chrystal.opal.dhs.org> <[🔎] 20020902150114.GA616@dat.etsit.upm.es>

On Mon, Sep 02, 2002 at 05:01:14PM +0200, Javier Fernández-Sanguino Peña wrote:
> On Mon, Sep 02, 2002 at 04:09:21PM +0200, Ola Lundqvist wrote:
> > Hi
> > 
> > > If you want a program to check for security flaws please use one designed for that
> > > precisely. Tiger is such a program. Just have the *flaws package recommend: or
> > > depend: on tiger.
> > 
> > On the other hand tigher does a lot of other things too. But the link
> > you gave me was very interesting.
> 
> Tiger can be configured easily to just check *one* thing. Just customize the cron
> job at will.

That can be interesting for the harden-*flaws pacakges (or similar).

> (..)
> > 
> > Agreed. Without having too much digging in tiger it might be a good
> > idea. The contact I have had with tiger is not very pleasant because it
> > bugged me with a lot of non-issues. That is maybe the reason why I
> > deinstalled it. :)
> 
> There are still false positives in tiger, the template mechanism, however, takes
> care so that an admin just sees a security warning *once* and not in every run of
> the security test script (It's a simple diff, mind you, but it works)

Ahh that looks great. Last time I checked it did not. Now I might be
able to use it again. :)

Now we just have to solve the upload-to-security problem, or simply
write some other check that scans the security.d.o web pages and
make clever things of it. Maybe using tiger, maybe some other things. But
because tiger can do similar things that might be useful.

Regards,

// Ola

> 	Regards
> 
> 	Javi
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> 

-- 
 --------------------- Ola Lundqvist ---------------------------
/  opal@debian.org                     Björnkärrsgatan 5 A.11   \
|  opal@lysator.liu.se                 584 36 LINKÖPING         |
|  +46 (0)13-17 69 83                  +46 (0)70-332 1551       |
|  http://www.opal.dhs.org             UIN/icq: 4912500         |
\  gpg/f.p.: 7090 A92B 18FE 7994 0C36  4FE4 18A1 B1CF 0FE5 3DD9 /
 ---------------------------------------------------------------

Reply to:

Follow-Ups:
- Re: The harden-*flaws packages.
  - From: Javier Fernández-Sanguino Peña <jfs@computer.org>

References:
- Re: The harden-*flaws packages.
  - From: Martin Schulze <joey@infodrom.org>
- Re: The harden-*flaws packages.
  - From: Daniel Martin <martin@snowplow.org>
- Re: The harden-*flaws packages.
  - From: Ola Lundqvist <opal@debian.org>
- Re: The harden-*flaws packages.
  - From: Javier Fernández-Sanguino Peña <jfs@computer.org>
- Re: The harden-*flaws packages.
  - From: Ola Lundqvist <opal@debian.org>
- Re: The harden-*flaws packages.
  - From: Javier Fernández-Sanguino Peña <jfs@computer.org>

Prev by Date: Orphaning websec...
Next by Date: Re: Bug#158683: ITP: oggasm -- MP3 to Ogg converter
Previous by thread: Re: The harden-*flaws packages.
Next by thread: Re: The harden-*flaws packages.
Index(es):
- Date
- Thread