[Fedora] Seeing input on Securing the Linux system from intrusions and attacks.

John Summerfield debian at herakles.homelinux.org
Sun Dec 30 22:34:25 UTC 2007

Les Mikesell wrote:
> John Summerfield wrote:
>> Les Mikesell wrote:
>>> John Summerfield wrote:
>>>> and I note that RH doesn't highlight security at all, that's I could 
>>>> find in three clicks.
>>> http://www.redhatmagazine.com/2007/04/18/risk-report-two-years-of-red-hat-enterprise-linux-4/ 
>>> is possibly self-serving but seems pretty realistic to me.
>> My point, for those who seem to have missed it, is that on the others 
>> security is considered a top goal and highlighted as such on the home 
>> page. I similarly excluded FreeBSD because it's not highlighted as a 
>> top requirement. I also excluded Debian - freeness drives the Debian 
>> project, usability drives Ubuntu.
> Agreed, but you have enough experience to know that good intentions and 
> strict attention to narrow goals don't produce the best results every 

I didn't say anything about narrow goals, did I? Security is important 
to all of those projects, but if you don't highlight the key goals of 
your OS project, you aren't selling the project very well, and you will 
probably miss those goals.

Just for laughs, I just checked out Windows XP & Vista. No statement, 
but the emphases seem to me fun & coolness, and fixing its problems.

> time.  I'm much more comfortable with a project that recognizes that 
> unexpected security flaws may exist and has the ability to correct them 
> quickly than one that says that because an expert has looked over the 
> code, there can't be any security issues.  You do need a balance, of 
> course and some tolerance for over-hype in project goals compared to 
> what is delivered.

I'm pretty happy with the security in RHEL's clones, but that still is 
not the first amongst its goals. The driver in RHEL is the Enterprise. 
Of course, security is important, but Red Hat Secure Linux would be a 
very different product, wouldn't you think?



-- spambait
1aaaaaaa at coco.merseine.nu  Z1aaaaaaa at coco.merseine.nu
-- Advice

You cannot reply off-list:-)

More information about the users mailing list