<div dir="ltr">On Tue, Apr 29, 2014 at 5:12 PM, Reindl Harald <span dir="ltr"><<a href="mailto:h.reindl@thelounge.net" target="_blank">h.reindl@thelounge.net</a>></span> wrote:<br><div class="gmail_extra"><div class="gmail_quote">
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">defense in depth means limit the attack surface as much as you can<br></blockquote><div><br></div><div>As folks are trying to point out to you, these principles are well understood in this group.</div>
<div><br></div><div>However, _any minimally usable environment will have a scripting engine_ -- /bin/sh, python, and having _any_ of those general purpose tools available is enough for the attacker.</div><div><br></div><div>
On your own machines, you might gain some (limited) advantage removing some of them.</div><div><br></div><div>Fedora and its derivatives, OTOH, are a large enough target that it's worth for attackers to tailor attacks to it. So removing some tools won't do much, and removing _all_ tools will ruin everyone's day.</div>
<div> </div><div></div></div><div class="gmail_extra"><br></div><br clear="all"><div>m</div>-- <br> <a href="mailto:martin.langhoff@gmail.com" target="_blank">martin.langhoff@gmail.com</a><br> - ask interesting questions<br>
- don't get distracted with shiny stuff - working code first<br> ~ <a href="http://docs.moodle.org/en/User:Martin_Langhoff" target="_blank">http://docs.moodle.org/en/User:Martin_Langhoff</a>
</div></div>