On 28 Mar 2024 15:28 -0400, from g...@wooledge.org (Greg Wooledge): >> so apparently somebody else has done a threat analysis and decided >> apparmor is the appropriate mitigation strategy? > > *An* appropriate mitigation strategy. Not "the". > > There are many, many layers.
Right. We've got everything from address space layout randomization (ASLR), firewalling, full-disk encryption (for example with LUKS) and automatic system updates all the way to password policies, file/directory access permissions and system call masking. There is the concept of data backups, storage-level redundancy, SMART monitoring and system log analysis. It's possible to choose between encrypted SSH and plain-text telnet or rsh for remote shell access (and these days, no one should suggest the latter, but I digress). Each of which can help mitigate _some_ threats and is utterly useless against others. Even within each of those there are differences. For example, a _lot_ of people and guides say, essentially unconditionally, "Thou Shall Disable SSH Password Authentication". That's good advice in some situations and _horrible_ advice in other situations. It's not particularly meaningful to make a threat assessment for "Debian". (It might very well be meaningful to make a threat assessment for _the Debian project_, but that's something very different.) What certainly _is_ meaningful is to make a threat assessment for your computer, your data, your network and your usage. Which will almost certainly be very different from mine, or Alice's, or Bob's; never mind between my desktop system, Carol's server and Mallory's laptop; and therefore will require a different implementation. -- Michael Kjörling 🔗 https://michael.kjorling.se “Remember when, on the Internet, nobody cared that you were a dog?”
