Bryan Paxton <[EMAIL PROTECTED]> writes: > On Fri, 2002-02-08 at 04:20, Pixel wrote: > > Bryan Paxton <[EMAIL PROTECTED]> writes: > > > > AFAIK, there's not much difference between level 2 and 3 with current msec. > > The major differences: > > - X port 6000 is closed in level 3 (and i won't accept a default install which > > breaks xhost +foobox) > That's highly insecure (DoS attacks mostly).
IMO this is availability, not security. [...] > > - ssh-server allows login as root in level 2 > HIGHLY insecure... Allowing remote root login on any service is BAD BAD > BAD. As for me, i don't care. This could be changed. [...] > -/etc/rc.d/init.d/* root.root 744 > +/etc/rc.d/init.d/* root.root 700 really annoying. Security via obscurity. It also means you have to use root more often. [...] > -/home/* current 755 > +/home/* current 711 that is friendly :-( i hate it [...] > -AllowAutologin of course, this is not acceptable. [...] > umask defaults umask doesn't seem to be changed. > And the security checks beurk. Any rootkit can see cron-based checks and disable them...
