[Fedora] Seeing input on Securing the Linux system from intrusions and attacks.

Les Mikesell lesmikesell at gmail.com
Sun Dec 30 22:57:14 UTC 2007


John Summerfield wrote:

>>> My point, for those who seem to have missed it, is that on the others 
>>> security is considered a top goal and highlighted as such on the home 
>>> page. I similarly excluded FreeBSD because it's not highlighted as a 
>>> top requirement. I also excluded Debian - freeness drives the Debian 
>>> project, usability drives Ubuntu.
>>
>> Agreed, but you have enough experience to know that good intentions 
>> and strict attention to narrow goals don't produce the best results every 
> 
> I didn't say anything about narrow goals, did I? 

When you emphasize one, it usually comes at the expense of others.  Or 
it's just meaningless hype.

> Security is important 
> to all of those projects, but if you don't highlight the key goals of 
> your OS project, you aren't selling the project very well, and you will 
> probably miss those goals.

I tend to ignore marketing hype.

> I'm pretty happy with the security in RHEL's clones, but that still is 
> not the first amongst its goals. The driver in RHEL is the Enterprise. 
> Of course, security is important, but Red Hat Secure Linux would be a 
> very different product, wouldn't you think?

I'm not sure how it could be different and still be useful.  Maybe they 
would disable your ability to turn off SELinux and firewalling.  And 
wouldn't the existence of a separate secure product imply that the stock 
one has known security flaws?  As things are, I assume that 
vulnerabilities are always fixed in updates as they are discovered.

-- 
     Les Mikesell
      lesmikesell at gmail.com




More information about the users mailing list