[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Common (basic) security checks for a base installation? (was Re: Security notification script in Perl)

On Sun, Dec 29, 2002 at 03:31:55PM -0600, Steve Greenland wrote:
> > This is what Steve had to say about it in Bug #163813
> > Steve Greenland <steveg@moregruel.net> writes:
> > > The "checksecurity" part of cron is a big joke. It's completely out of
> > > place, and has been so neutered by complainers over the years that I'm
> > > planning on separating it out of cron and then orphaning the package.
> > > The tricky part is getting the conffile safely moved, which is why I
> > > haven't done it earlier.
> And indeed, what I intend to do in the next few weeks.
	Let's think first of how the replacement will be, shall we?
Otherwise people might expect cron (or a basic installation of Debian) to
do some tedious security checks for them and won't find out until they've
been hitten hard because we "removed" this from cron.
	How is basic security checks going to be handled in sarge? I guess
that's the big question. Steve, please do not remove this from cron (or at
least don't let the changes go into testing) until we have a roadmap on how
this should be done.

	Always IMHO, Regards


Attachment: pgpF61sWmHYnF.pgp
Description: PGP signature

Reply to: