Re: harden-debian script?
On Wed, Oct 25, 2000 at 01:00:36PM -0700, Scott Bronson wrote:
> Is there such a thing as a harden-debian script? This would run
> through the file system and change file owers and permissions to
> make the machine quite unfriendly and really secure, rather than
> the very friendly and mostly secure system that we use every day.
>
> I remember seeing this idea in SuSE 6.2, and liking it. Post-
> install, what more should I do to harden my machine?
Does really being unfriendly mean being secure? Is removing world read
permissions from config files a fix for misconfigured services?
If something is configured right, then why not show the configuration to the
users?
Debian already has right permissions for files containing sensitive data
(e.g. /etc/shadow).
IMHO security by obscurity isn't a right thing.
Or isn't it what the SuSE's script does?
regards
Marcin
--
+--------------------------------+ The reason we come up with new versions
|Marcin Owsiany | is not to fix bugs. It's the stupidest
|porridge@pandora.info.bielsko.pl| reason to buy a new version
+--------------------------------+ I ever heard. - Bill Gates
Reply to: