[Fedora] Seeing input on Securing the Linux system from intrusions and attacks.

Les Mikesell lesmikesell at gmail.com
Mon Dec 31 01:51:48 UTC 2007


John Summerfield wrote:

>> I tend to ignore marketing hype.
> I didn't say anything about marketing hype either. If you have a 
> project, you want users and you may want people to help you. You have 
> about one para to get people's attention.
> 
> Marketing hype takes longer than that. Remember, "hype" is short for 
> "hyperbole" and asserts exaggeration.

Yes, but distributions tend to really be general-purpose things except 
for the appliance types so emphasizing only one aspect is likely to be 
exaggeration.

>>> I'm pretty happy with the security in RHEL's clones, but that still 
>>> is not the first amongst its goals. The driver in RHEL is the 
>>> Enterprise. Of course, security is important, but Red Hat Secure 
>>> Linux would be a very different product, wouldn't you think?
>>
>> I'm not sure how it could be different and still be useful.  Maybe 
>> they would disable your ability to turn off SELinux and firewalling.  
>> And wouldn't the existence of a separate secure product imply that the 
>> stock one has known security flaws?  As things are, I assume that 
> Why? Does the fact that GM sells big cars, small cars, cheap cars & 
> expensive cars mean there's anything wrong with any of them? I see it as 
> a recognition that different folk have different requirements.

With cars, you are required to select a subset of the available choices 
before you make the purchase.  With software, especially free software, 
there is no reason you can't have all the choices available all the time 
and just run what you need.  But I don't think anyone needs programs 
with known security vulnerabilities so they can all be fixed in the 
standard distribution.

> I would expect RHSL to have more emphasis on keeping the bastards out 
> and detecting their efforts to subvert the security measures, and maybe 
> some self-repair.

But aren't those things all available as standard packages?

> Running a secure server as a virtual server implies 
> you _can_ check it with a trusted Linux - the host. Or another guest. 
> Installing a service would imply all appropriate support packages - 
> sendmail+spamassassin+mimedefang, and guidance on getting them up and 
> running securely.

Yes, I'd like to see mimedefang packaged with a standard configuration, 
but it isn't horrible to set up.

> A default install would have the minimum required to boot and install 
> other stuff, a GUI would be optional on a server (if provided). selinux 
> would be enforcing, and maybe not able to be turned off without a 
> reboot. Filesystems might be encrypted by default.

I don't think you need a separate distribution for that - and forcing a 
user to pick the packages to install is probably the worst mistake 
security-wise since most users have no idea about what they need.  What 
I've always wanted to see is a configuration management scheme where 
anyone could 'publish' a complete list of packages and config changes 
they used to set up a machine for certain purposes and anyone else could 
clone that exact setup (with local adjustment for hostnames and 
addresses, of course), and then track the updates of the master machine 
automatically.  Then you could simply let an expert take care of your 
choices with no extra effort on either side.

-- 
    Les Mikesell
     lesmikesell at gmail.com



