Re: Debians security features: Which are active?
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
It would however be useful for Debian administrators interested in
security to know somehow what these features do, under what
circumstances they would be useful, and how to enable them in Debian. I
found the Hardening Debian guides on the wiki (linked to earlier)
difficult to understand and apply in this regard.
Daniel
Cédric Lemarchand wrote:
> Please, honestly, do you know what every features in this list does,
> how they could be benefit for you and in which way ?
>
> Or did your choice will *only* be based on the number of
> supported/enabled features ?
>
>
> Le 17/05/2014 12:38, herzogbrigitte1@t-online.de a écrit :
>> Thank you for all your replies. I understand that the user is
>> important for security, but it's a difference whether you start
>> from scratch or you can work with somethink prebuilt. So, could you
>> tell me, which of the following securit features are enabled in
>> Debian by default and which I have to activate manually:
>>
>> Stack Protector Heap Protector Pointer Obfuscation Stack ASLR
>> Libs/mmap ASLR Exec ASLR brk ASLR VDSO ASLR Built as PIE Built with
>> Fortify Source Built with RELRO Built with BIND_NOW Non-Executable
>> Memory /proc/$pid/maps protection Symlink restrictions Hardlink
>> restrictions ptrace scope 0-address protection /dev/mem protection
>> /dev/kmem disabled Block module loading Read-only data sections
>> Stack protector Module RO/NX Kernel Address Display Restriction
>> Blacklist Rare Protocols Syscall Filtering Block kexec
>>
>> For further information go to
>> https://wiki.ubuntu.com/Security/Features
>>
>>
>> Thank you very much!
>>
>> Brigitte Herzog
>>
>>
>> -----Original-Nachricht----- Betreff: Debians security features in
>> comparison to Ubuntu Datum: Fri, 16 May 2014 22:04:07 +0200 Von:
>> "herzogbrigitte1@t-online.de" <herzogbrigitte1@t-online.de> An:
>> debian-security@lists.debian.org
>>
>> Hello there, I'm a new user of the great Debian distro for my
>> Desktop. But when I talked to a friend and I told him, that I'm
>> using Debian (Wheezy) for my desktop computer, he told me that I
>> shoudn't use it because it is not secure. He told me to use Ubuntu
>> instead. He explained that with the fact, that Ubuntu has more
>> security features enabled than Debian (also more compiler flags for
>> security) in a fresh install. He gave me a link to the following
>> site: https://wiki.ubuntu.com/Security/Features
>>
>> So, I'm very happy with Debian but because my friend seems to be an
>> expert for Linux, I don't know if I can use Debian. Can you tell me
>> which of the security features promoted by Ubuntu are also enabled
>> in Debian?
>>
>> Thank you very much!
>>
>> Brigitte Herzog
>>
>>
>> ----------------------------------------------------------------
>> Mit einer kostenlosen E-Mail-Adresse @t-online.de werden Ihre Daten
>> verschlüsselt übertragen und in Deutschland gespeichert.
>> www.t-online.de/email-kostenlos
>>
>>
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.19 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQEcBAEBCgAGBQJTd0rKAAoJEJhsX8U2K7jUbSAIAI11RQsZyXq38rbbncsh59Vv
+7TX+olQ7B6tbQEbJ9pQD85GNjmt1UvEcaoDYmPyPI4NSoX6Y6bgb8QCStEAsgYo
ci4HlEatDiaSrj2vzYEqZdpeMYJX09XArZEhtDJTrbGLCF2upu11LlhXVqPbku33
B4gQbIZEzfCUP0S9ZaRt81bsR6UKPji7I5Z8LHr9bTYHRts4JNySnGFxkL5u1FoY
WF8xsoRhDfNtI74KcMMJg0okeur7kgQIY2928ZM5O+LLyCutbGlnI17Rv5P0JR8n
5xpnhSsWVlgyvNgPA6agnHz1Ss92DTfE2BEdUSQmM3Imp6B5WCwPoosL/CschUQ=
=rkAX
-----END PGP SIGNATURE-----
Reply to: