Bug#173061: marked as done (ITP: titan -- Security tools for hardening and auditing UNIX systems)
Your message dated Sun, 20 Mar 2005 02:58:44 +0100
with message-id <20050320015844.GA22625@dat.etsit.upm.es>
and subject line Not going to package Titan, closing this bug
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 14 Dec 2002 17:48:55 +0000
>From jfs@dat.etsit.upm.es Sat Dec 14 11:48:54 2002
Return-path: <jfs@dat.etsit.upm.es>
Received: from buzz.etsit.upm.es [138.100.17.3]
by master.debian.org with smtp (Exim 3.12 1 (Debian))
id 18NGPG-0003Es-00; Sat, 14 Dec 2002 11:48:54 -0600
Received: (qmail 21359 invoked from network); 14 Dec 2002 17:48:23 -0000
Received: from localhost (127.0.0.1)
by localhost with SMTP; 14 Dec 2002 17:48:23 -0000
Received: (qmail 21356 invoked from network); 14 Dec 2002 17:48:22 -0000
Received: from avalon.dat.etsit.upm.es (138.100.17.73)
by buzz.etsit.upm.es with SMTP; 14 Dec 2002 17:48:22 -0000
Received: (qmail 11599 invoked by uid 1013); 14 Dec 2002 17:48:22 -0000
Date: Sat, 14 Dec 2002 18:48:22 +0100
From: Javier =?iso-8859-1?Q?Fern=E1ndez-Sanguino_Pe=F1a?= <jfs@computer.org>
To: submit@bugs.debian.org
Subject: ITP: Titan - security hardening and audit
Message-ID: <20021214174822.GA10512@dat.etsit.upm.es>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="tThc/1wpZn/ma/RB"
Content-Disposition: inline
User-Agent: Mutt/1.3.28i
Delivered-To: submit@bugs.debian.org
X-Spam-Status: No, hits=-7.1 required=5.0
tests=PGP_SIGNATURE_2,SPAM_PHRASE_01_02,USER_AGENT,
USER_AGENT_MUTT
version=2.41
X-Spam-Level:
--tThc/1wpZn/ma/RB
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Package: wnpp
Version: N/A; reported 2002-12-14
Severity: wishlist
Package name : titan
Version : 4.0 (beta 6)
Upstream Author : Brad M. Powell, Dan Farmer, and Matthew Archibald
URL : http://www.fish.com/titan
License : based on Artistic License (asked in debian-legal and
ok)
Description : Security hardening and audit modular tool
=46rom the HTML pages:
Titan is a collection of programs, each of which either fixes or
tightens one or more potential security problems with a particular
aspect in the setup or configuration of a Unix system. Conceived
and created by Brad Powell, it was written in Bourne shell, and
its simple modular design makes it trivial for anyone who can
write a shell script or program to add to it, as well completely
understand the internal workings of the system.
Titan does not replace other security tools, but when used in
combination with them it can help make the transformation of a
new, out of the box system into a firewall or security conscious
system into a significantly easier task. In a nutshell, it
attempts to help improve the security of the system it runs on.
(...)
Titan can help with all of these problems; its main design goals are:
* After being run, the system should be more secure than when we
started. Things may be broken, but it should be more secure! The
truth is that most things you do to secure a system are probably
not going to cause a problem. A vendor can't take that chance -
but we can. In any case, we haven't run into anything that Titan
has broken, but it certainly could happen.
(...)
* Producing a consistent and understandably secure system.
(...)
Titan has recently (?) changed from a non-free license to use the Artistic
License. I considered packaging Titan at the time but dismissed it due to
its license. I will package it now.
Titan is a mixture of what Bastille and Tiger provide currently for
Debian. On one hand it can automatically secure a system (however, it's
less "verbose" that Bastille) on the other, it can check if the system is
secure (like Tiger does).
Javier Fernandez-Sanguino Pe=F1a
--tThc/1wpZn/ma/RB
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE9+27msandgtyBSwkRAhanAJ4zX4dUY3el4ySMyl9csPLcZ6JGRgCgg4Dl
o0lAgtc+FCVR2+iHrlMmk6E=
=Qay8
-----END PGP SIGNATURE-----
--tThc/1wpZn/ma/RB--
---------------------------------------
Received: (at 173061-close) by bugs.debian.org; 20 Mar 2005 01:58:47 +0000
>From jfs@dat.etsit.upm.es Sat Mar 19 17:58:47 2005
Return-path: <jfs@dat.etsit.upm.es>
Received: from tornado.dat.etsit.upm.es (dat.etsit.upm.es) [138.100.17.73]
by spohr.debian.org with smtp (Exim 3.35 1 (Debian))
id 1DCpiI-0000Pf-00; Sat, 19 Mar 2005 17:58:46 -0800
Received: (qmail 12711 invoked by uid 1013); 20 Mar 2005 01:58:44 -0000
Date: Sun, 20 Mar 2005 02:58:44 +0100
From: Javier =?iso-8859-1?Q?Fern=E1ndez-Sanguino_Pe=F1a?= <jfs@computer.org>
To: 173061-close@bugs.debian.org
Subject: Not going to package Titan, closing this bug
Message-ID: <20050320015844.GA22625@dat.etsit.upm.es>
Reply-To: Javier =?iso-8859-1?Q?Fern=E1ndez-Sanguino_Pe=F1a?= <jfs@computer.org>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="4Ckj6UjgE2iN1+kY"
Content-Disposition: inline
User-Agent: Mutt/1.5.6+20040907i
Delivered-To: 173061-close@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-0.5 required=4.0 tests=BAYES_30 autolearn=no
version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
--4Ckj6UjgE2iN1+kY
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Reviewing Titan's homepage it seems that the license is now even more=20
non-free:
Notwithstanding any other agreement or any other provision herein,
effective January 15, 2005, an entity with greater than 400 employees
shall be required to obtain written permission from Team Titan in
order to download, print, access, view, distribute or otherwise use in
any way the Package or other files known as Titan. For purposes
herein, an entity includes its employees, agents, affiliates,
partners, contractors etc.
Obviously, this doesn't even fit in the non-free archive so I'm withdrawing=
=20
this ITP.
Regards
Javier=20
--4Ckj6UjgE2iN1+kY
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
iD8DBQFCPNjTi4sehJTrj0oRAhppAJ4xcRfFrt9uZ8OrFg0dt0Q7bmVYHwCfSqEt
PZMBznIG73MLEbUrhKuj/oM=
=cpm+
-----END PGP SIGNATURE-----
--4Ckj6UjgE2iN1+kY--
Reply to: