Re: [cobalt-users] Severe Security Problem Between Sites

["Robert G. Fisher" <rfisher@xxxxxxxxxxxxxxx>]

On Tue, Mar 28, 2000 at 08:45:43AM -0600, Jeff Newman wrote:
> security system.  As far as linux goes, that fact that special actions need
> to be taken to "harden" the OS has to tell you something.

These kinds of arguments are generally silly.  The only valid complaints
one could have here is to talk about the scenario of buffer overflow
exploits which affect practically all OS's -- albeit Linux does have
an official patch tree floating around that makes the stack
non-executable and does a variety of other checks in the kernel to make
it more secure.

The issue is not that you have to "harden" linux moreso than any other
OS -- but you do have to configure it properly.  An improper or insecure
configuration will not help protect you on any OS be it Linux, NT, OS/2,
or even VMS (Well, the latter maybe as they work in virtual machines
thus helping to protect you from some things -- but even then, they
are far from easy to configure.)

> Cobalt is not trying to provide a hardened platform, only a server.  If you
> have taken proper security measures to begin with, this thread would not

Agreed, and if they need it -- there is always ssh for remote logins.


-- 
Robert G. Fisher		     NEOCOM Microspecialists Inc. 
System Administrator/Programmer      (540) 666-9533 x 116