On Tue, Dec 12, 2000 at 07:27:32PM -0500, S.Salman Ahmed wrote: > > >>>>> "AS" == Andres Salomon <[EMAIL PROTECTED]> writes: > AS> > AS> The HOWTO, on the other hand, falls under the category of > AS> know-what-you're-doing-and-do-it-safely. About the only things > AS> I can see being put into a script from that HOWTO is setting > AS> logfile permissions and using md5 with passwords. Most of the > AS> rest of the HOWTO depends heavily on your needs, preferences, > AS> and configuration. > AS> > > It would be _nice_, however, if the Debian installer/scripts could setup > some of the things mentioned in the HOWTO at installation time or at > least give the user the option to select some additional > security-related tasks to be done. > > -- > Salman Ahmed > ssahmed AT pathcom DOT com
Oh, I totally agree; this would have to be on a per-package basis, however. Hence, it would rely on each maintainers willingness to do so. For example, a chrooted bind (running as user nobody or something) would be nice, but the bind maintainer has refused (at least until bind 9.1 is released.. see bug #50013). A debconf option would be ideal here; the trick is to convince the maintainer to add it. > X-Disclaimer: I didn't do it, little green aliens wrote this email ^^ hehe :)