Re: package for security advice

To: Jonathan Hutchins <hutchins@tarcanfel.org>
Cc: debian-security@lists.debian.org
Subject: Re: package for security advice
From: Jonathan Hutchins <hutchins@tarcanfel.org>
Date: Sat, 07 Mar 2020 17:06:27 -0600
Message-id: <[🔎] 9538ae5de38c85302794d579ef9af866@tarcanfel.org>
In-reply-to: <[🔎] 20200307182914.GA19794@ctrl.internal.morgul.net>
References: <[🔎] 5499777.kjKQSeBIVr@liv> <[🔎] 32743c4439ca5f6495961a3e9b5fdf3a@tarcanfel.org> <[🔎] 20200307182914.GA19794@ctrl.internal.morgul.net>

I would suggest that the effort you're asking for is already going in toDebian itself, and that together the maintainers deliver a system thatis a reasonable compromise between security and convenience for ageneral use personal computer. People who want to go beyond that andoffer a public service really do need to be expected to learn thevulnerabilities and vectors that apply to the type of service they'rerunning.

There is no blanket security policy that would be able to apply thecorrect security for every circumstance. Believe me, you wouldn't enjoyrunning a fully PCI/DOC secured system as your daily driver.


--
Jonathan

Reply to:

References:
- package for security advice
  - From: Russell Coker <russell@coker.com.au>
- Re: package for security advice
  - From: Jonathan Hutchins <hutchins@tarcanfel.org>
- Re: package for security advice
  - From: Noah Meyerhans <noahm@debian.org>

Prev by Date: Re: package for security advice
Next by Date: harbian-audit v0.4.0 for Debian 10 and CentOS 8 is released
Previous by thread: Re: package for security advice
Next by thread: Re: package for security advice
Index(es):
- Date
- Thread