Re: 10 top myths of debian

[Miles Fidelman <mfidelman@meetinghouse.net>]

Yaro Kasear wrote:
> I don't know if Debian's the most SECURE distribution. It doesn't 
> really have a "hardened profile" or anything like what Gentoo offers. 
> (Gentoo isn't a prime example of a secure Linux system, I more point 
> to the concept of having a "hardened" base available, whihc Debian 
> doesn't really offer.) Debian's known for being incredibly STABLE and 
> high quality, and embraces FOSS standards pretty well.
>
> But unless Debian is bundling an alternate base system built around 
> stuff like Tomoyo, GrSecurity, PaX, or SELinux and starts loading up 
> their packages with hardened patchsets I wouldn't boast about it being 
> a "security-focused" distro.
>
> The backports are an excellent thing. And the Debian security team 
> does an excellent job. Lets just be realistic and a little more honest 
> and say Debian is "one of the most secure" but I can't call it "THE 
> most secure" unless the system can go hardened readily.

Good point.  And when you start talking security to the point of serious 
testing and configuration control, I believe there are very few 
distributions that are on the DoD approved product list.

On the BSD side, OpenBSD (despite the name), focuses on security, and 
has a pretty good reputation for being pretty secure.

Miles Fidelman


--
In theory, there is no difference between theory and practice.
In practice, there is.   .... Yogi Berra