On Fri Jun 06, 2003 at 09:03:15PM +0200, Oden Eriksson wrote: > > Absolutely. But this is so inconsequential either way, it doesn't really > > matter to me. I indicated my own personal preference. I've already stated > > that this hack will not go into updates because changing a config > > arbitrarily is not a good thing. But cooker? I don't see a problem with > > it (again, personal opinion). I also don't really see the need for it > > because, as I indicated before, only stupid people would write a script to > > expose that information to the world. A good sysadmin would not do this. > > And..., I'm just the messenger..., full of ideas. > > It could be a idea to fix this, and similar things, but then again maybe not. > > I'm thinking more like the next release, possible ways to claim a more > "secure" os. It's just a way of thinking..., maybe we could do this and get > away with it, or maybe not. The usability will have to remain, but certain > things would have to change, like access to certain functions. > > Well..., never mind...
Maybe something along the lines of bastille or harden_suse, specifically tailored to Mandrake, would be in order. Some subset of msec that you run once and it goes through some configs and makes changes (and reports what changes it makes). But a one-time thing so that if you change something back, it doesn't come along the next day and "fix" it for you. -- MandrakeSoft Security; http://www.mandrakesecure.net/ Online Security Resource Book; http://linsec.ca/ "lynx -source http://linsec.ca/vdanen.asc | gpg --import" {FE6F2AFD : 88D8 0D23 8D4B 3407 5BD7 66F9 2043 D0E5 FE6F 2AFD}
pgp00000.pgp
Description: PGP signature
