Re: Bug#726393: general: Possible malware infections in source packages
> You can disagree with this approach. However, in my 10+ experience
> setting up security gateways for Internet traffic (mostly for
> HTTP/FTP/SMTP) I've seen only a few vulnerabilities in the gateways
> themselves. Many of the gateways I have deployed are either network
> appliances with a Common Criteria certification (see
So you have had vulnerabilities for 10 years in systems exposing all
users to them for ten years and guess what, you still have. In my 10+
years I haven't.
I shall stick to disagreeing along with snort.org but admit this is
widely done even on firewalls themselves. I do some scanning for
exploits even but for information in an isolated way as snort.org
strongly recommends and not active re-action.
P.s. That's not defense in depth. If you had defence in depth worth
mentioning then you wouldn't need Antivirus. Of course I am sure those
decisions are out of your hands and so I am not criticising you and I
am sure your network is more secure than most, just stressing my
opinion.
The part about hacking tools was mentioned in case the whole server was
blocked rather then a few packages.
> In my organisation (and I know we are not alone here),
Many run polkit, sudo, dbus-launcher, Windows.
Some like me run just sudo.
I'm not alone either. I read just the other day that Cambridge Uni's
production policy is to only allow sudo for priviledge granting.
Reply to: