Re: Debian secure by default?
On Sat May 17 2008 02:32:29 Rico Secada wrote:
> I am not saying that Debian isn't secure per say, but things like
> removing SUID and SGID from files where they generally aren't needed as
> default imho is better. If someone needs SUID then he has to set it.
>
> Locating what files that it is generally safe to remove SUID and SGID
> from isn't that easy.
Agreed.
That's why, unless you have a lot of time and experience, it's much
more secure to run a major distribution that has been reviewed by many
people rather than trying to make all of these decisions yourself.
If you should ever find a security problem with Debian, please be sure
to let us know via a channel appropriate to the level of the problem.
--Mike Bird
Reply to: