On Sat, 17 May 2008 08:23:41 -0700 Mike Bird <[EMAIL PROTECTED]> wrote:
> On Sat May 17 2008 02:32:29 Rico Secada wrote: > > I am not saying that Debian isn't secure per say, but things like > > removing SUID and SGID from files where they generally aren't > > needed as default imho is better. If someone needs SUID then he has > > to set it. > > > > Locating what files that it is generally safe to remove SUID and > > SGID from isn't that easy. > > Agreed. > > That's why, unless you have a lot of time and experience, it's much > more secure to run a major distribution that has been reviewed by many > people rather than trying to make all of these decisions yourself. > > If you should ever find a security problem with Debian, please be sure > to let us know via a channel appropriate to the level of the problem. I am sorry but I had gotten my hands on a document with some outdated information about some default tools being unsafe with Debian because they had SUID set. Sorry all. > --Mike Bird > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]