Request for Review - Fedora Security Basics
Rahul Sundaram
sundaram at redhat.com
Mon Oct 10 04:12:23 UTC 2005
Felipe Alfaro Solana wrote:
>>http://www.fedoraproject.org/wiki/SecurityBasics
>>
>>
>
>If one of the goals of Fedora Core is being secure right from the
>start, why is the user allowed to enter single-user without supplying
>the root password (sulogin)?
>
>
>
You have no real way to protect someone from getting into to your system
if the intruder has physical access. Such questions come up pretty
frequently. In general, Fedora systems have good defaults where
developers have analyzed and settled upon something or the other. While
we explain security in such documents we need to document the other
potential ways the system can be configured to be secured better and
explain why the defaults are such. Its a given that we want the
defaults to be as secure as possible, so we shouldnt be proactive about
reporting enhancements to make it as such instead of documenting
workarounds wherever possible.
There is a hardening guide languishing in CVS for quite sometime. Its
better to combine the above documents and make it a comprehensive guide.
Security is a huge topic to cover.
regards
Rahul
More information about the docs
mailing list