Re: making Debian secure by default

To: debian-user@lists.debian.org
Subject: Re: making Debian secure by default
From: jeremy ardley <jeremy.ardley@gmail.com>
Date: Thu, 28 Mar 2024 07:37:13 +0800
Message-id: <[🔎] dda6351e-2bc9-450d-8f20-a7305c4b9d2c@gmail.com>
In-reply-to: <[🔎] CAD8GWssBoRrCzW0TSUGxMeuY=y_bTM-nMuSO7_4g1Kyk79fgqQ@mail.gmail.com>
References: <[🔎] CAD8GWssBoRrCzW0TSUGxMeuY=y_bTM-nMuSO7_4g1Kyk79fgqQ@mail.gmail.com>


On 28/3/24 05:30, Lee wrote:

oof.  Are there instructions somewhere on how to make Debian secure by default?



Further down the advisory is

"

  Some distros, like Debian, do not seem to have a command like
  command-not-found by default. There does not seem to be a way to
  leak a users password in this case then, even though we can send
  escape sequences to them.

"

Which implies that Debian is secure by default against this particularexploit

Reply to:

Follow-Ups:
- Re: making Debian secure by default
  - From: Andy Smith <andy@strugglers.net>

References:
- making Debian secure by default
  - From: Lee <ler762@gmail.com>

Prev by Date: Re: making Debian secure by default
Next by Date: Re: making Debian secure by default
Previous by thread: Re: making Debian secure by default
Next by thread: Re: making Debian secure by default
Index(es):
- Date
- Thread