On Tue, Jun 19, 2001 at 09:30:56AM -0700, Pat Moffitt wrote: > My real concern is for people like me. I know a lot about computers (over > 20 years of experience). But, I don't have much experience with security. > I don't know a lot about many of the packages in Linux. That's partly why I don't like the argument that, for example, if you don't want rpc.statd running, just uninstall nfs-common. I work in an environment where there are hundreds of Linux installations directly connected to the Internet. There is no firewall, and, in general, no ports are filtered by the routers. Andybody is free to install their own system and do with it pretty much as they please. The problem is that most of the time they don't really know what's running on their system. They don't know about editing inetd.conf, they don't know about portmap and NFS, and some of them are only just now leaning (the hard way) why 'xhost +' is bad. These people will install Apache on their machine, see that it works, and start using it as a production web server. There is nothing to force them to turn off unnecessary services. It might make my life more difficult if they came to me every time they installed a new system and asked why Apache wasn't working, but I'd prefer that to having them come complain when I shut their access off due to their machine being cracked via rpc.statd, which they've never even heard of. I am certainly not claiming that these people are competant sysadmins, or that a sysadmin would experience the difficulties that they do, but I am claiming that the majority of Linux installations are run by people with this level of expertise. As it gets easier and easier to install Linux, we're going to be seeing less and less competant people doing it. They're going to get in trouble. > As I write this it becomes a little clearer to me that we need to protect > the net and ourselves. This may make it harder for the newbie to learn (and > more work for us when we install). I would have to recommend that the "off > by default" would be the safer policy. (But then again, who am I?) Well, maybe off by default is not the way to go, but "not installed by default" is. If somebody needs NFS, they know it, and with that knowledge can easily search dselect for appropriate packages. If they don't need NFS, they don't necessarily know it, and don't necessarily know that they need to disable or uninstall packages to get rid of it. I think this is really a better way to go. noah -- _______________________________________________________ | Web: http://web.morgul.net/~frodo/ | PGP Public Key: http://web.morgul.net/~frodo/mail.html
Attachment:
pgppR_h29T0_N.pgp
Description: PGP signature