Wouter Verhelst <[EMAIL PROTECTED]> writes: [snip]
> A buildd host does not need much to work safely, so writing a security
> standard should be possible. How about a security standard like the
> following:
>
> * A buildd host must not have any port open, except for one SSH port
>   (preferably port 22, but may be nonstandard).
> * It must run OpenSSH of at least version <version without security
>   issues in stable> or <version without security issues in unstable>
> * It must run a kernel from the list of <list of kernel packages in all
>   distributions that are safe>
> * It must not have PermitRootLogin enabled
> * It must not have PasswordAuthentication enabled
> * It must not have any tunneling enabled, except for scp
> * It must not have any enabled accounts except for root and the admin
>   user(s)
> * ... possibly something more?
>
> Then DSA could set up a cronjob that would run every x days, check
> whether the requirements are being met, and would scream like hell if
> one of the hosts was insecure?

Even better - use cfengine to automagically check that the config files were accurate.

Plus, it would make a good example cfengine file for the documentation package.

cheers, Rich.

--
rich walker | Shadow Robot Company | [EMAIL PROTECTED]
technical director 251 Liverpool Road | need a Hand?
London N1 1LX | +UK 20 7700 2487
www.shadow.org.uk/products/newhand.shtml
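The sshd-related items of the checklist quoted above, written as a check that a cron job could run. This is an added example, not code from either poster or from Debian: the function names, the sample config, and the mapping of "no tunneling" to `AllowTcpForwarding`, `X11Forwarding` and `PermitTunnel` are assumptions.

```shell
# Directive=value pairs the audit insists on (assumed mapping of the checklist).
REQUIRED="permitrootlogin=no passwordauthentication=no allowtcpforwarding=no
x11forwarding=no permittunnel=no"

# Print the first global value of keyword $2 in file $1, lower-cased. sshd keeps
# the first occurrence; Match blocks are not evaluated (use `sshd -T` on a live host).
effective_value() {
    awk -v key="$2" '
        { sub(/#.*/, ""); gsub(/^[ \t]+|[ \t]+$/, "") }
        $0 == "" { next }
        { split($0, f, /[ \t=]+/); k = tolower(f[1]) }
        k == "match" { exit }
        k == key { print tolower(f[2]); exit }
    ' "$1"
}

# Print PASS/FAIL per directive for file $1; return the number of failures.
# A missing directive fails: defaults vary by OpenSSH version, so require it set.
audit_sshd_config() {
    failures=0
    for pair in $REQUIRED; do
        key=${pair%%=*}
        want=${pair#*=}
        got=$(effective_value "$1" "$key")
        if [ "$got" = "$want" ]; then
            echo "PASS $key=$got"
        else
            echo "FAIL $key=${got:-unset} (want $want)"
            failures=$((failures + 1))
        fi
    done
    return "$failures"
}

# Constructed sample: root login enabled first, password auth only commented out.
write_sample() {
    cat > "$1" <<'EOF'
Port 22
PermitRootLogin yes
PermitRootLogin no
#PasswordAuthentication no
AllowTcpForwarding no
X11Forwarding no
PermitTunnel no
EOF
}

# From cron: audit the file named on the command line.
if [ "$#" -gt 0 ]; then audit_sshd_config "$1"; fi
```

A non-zero exit status is the failure count, so cron's mail-on-output plus the exit code is enough to raise the alarm for a host that drifts from the standard.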