Thank you for all your replies.
I understand that the user is important for security, but it's a difference
whether you start from scratch or you can work with somethink prebuilt. So,
could you tell me, which of the following securit features are enabled in
Debian by default and which I have to
Please, honestly, do you know what every features in this list does, how
they could be benefit for you and in which way ?
Or did your choice will *only* be based on the number of
supported/enabled features ?
Le 17/05/2014 12:38, herzogbrigit...@t-online.de a écrit :
Thank you for all your
Joel Rees:
He told me to use Ubuntu instead. He explained that with the fact,
that Ubuntu has more security features enabled than Debian (also
more compiler flags for security) in a fresh install. He gave me a
link to the following site:
https://wiki.ubuntu.com/Security/Features
That's
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
herzogbrigit...@t-online.de:
Thank you for all your replies. I understand that the user is
important for security, but it's a difference whether you start
from scratch or you can work with somethink prebuilt. So, could you
tell me, which of the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
It would however be useful for Debian administrators interested in
security to know somehow what these features do, under what
circumstances they would be useful, and how to enable them in Debian. I
found the Hardening Debian guides on the wiki
Please, honestly, do you know what every features in this list does, how
they could be benefit for you and in which way ?
Or did your choice will *only* be based on the number of
supported/enabled features ?
Whatever the reason, this question deserves an answer.
Le 17/05/2014 12:38,
On Sat, May 17, 2014 at 8:44 PM, Patrick Schleizer adrela...@riseup.net wrote:
Joel Rees:
He told me to use Ubuntu instead. He explained that with the fact,
that Ubuntu has more security features enabled than Debian (also
more compiler flags for security) in a fresh install. He gave me a
link
On Sat, May 17, 2014 at 7:38 PM, herzogbrigit...@t-online.de
herzogbrigit...@t-online.de wrote:
Thank you for all your replies.
I understand that the user is important for security, but it's a difference
whether you start from scratch or you can work with somethink prebuilt. So,
could you
You are free to educate yourself on the security features listed. If you have
trouble understanding their function, it’s best you leave the decision of
security to someone with greater experience and use a distribution that takes
care of it for you.
Again, Debian is not going to handhold you.
On Sat, 17 May 2014 11:44:56 +
Patrick Schleizer adrela...@riseup.net wrote:
After reading the following blog post
http://theinvisiblethings.blogspot.fr/2011/04/linux-security-circus-on-gui-isolation.html
it seems to me, that user account level isolation isn't very strong.
A very
That's a good list of all the currently fashionable security
features for Linux. Some of the items in the list are meaningful,
some are not. Most might be if you know what you are doing with them.
None of the meaningful items in that list are unavailable on Debian,
and the defaults are
The problem is, that Debian lacks a page similar to:
https://wiki.ubuntu.com/Security/Features
As you can see, that https://wiki.ubuntu.com/Security/Features page
looks impressive to new users. I guess Debian is losing a few users to
Ubuntu, because Debian does not have such a page.
Most of
Joel Rees wrote On 17-05-14 03:19:
He gave me a link to the following site:
https://wiki.ubuntu.com/Security/Features
None of the meaningful items in that list are unavailable on Debian, and
the defaults are reasonably secure in Debian.
I might be misinterpreting your definition of
Heh. I took the bait on this one.
On Sat, May 17, 2014 at 8:44 PM, Patrick Schleizer adrela...@riseup.net wrote:
Joel Rees:
He told me to use Ubuntu instead. He explained that with the fact,
that Ubuntu has more security features enabled than Debian (also
more compiler flags for security) in
On Sat, May 17, 2014 at 10:39 PM, Sven Bartscher
sven.bartsc...@weltraumschlangen.de wrote:
On Sat, 17 May 2014 11:44:56 +
Patrick Schleizer adrela...@riseup.net wrote:
After reading the following blog post
On Sun, May 18, 2014 at 12:34 AM, Richard van den Berg
rich...@vdberg.org wrote:
Joel Rees wrote On 17-05-14 03:19:
He gave me a link to the following site:
https://wiki.ubuntu.com/Security/Features
None of the meaningful items in that list are unavailable on Debian, and
the defaults are
On Sat, May 17, 2014 at 11:18 PM, Reid Sutherland r...@vianet.ca wrote:
That's a good list of all the currently fashionable security
features for Linux. Some of the items in the list are meaningful,
some are not. Most might be if you know what you are doing with them.
None of the meaningful
On Sun, 18 May 2014 01:09:06 +0900
Joel Rees joel.r...@gmail.com wrote:
On Sat, May 17, 2014 at 10:39 PM, Sven Bartscher
sven.bartsc...@weltraumschlangen.de wrote:
On Sat, 17 May 2014 11:44:56 +
Patrick Schleizer adrela...@riseup.net wrote:
After reading the following blog post
On Sun, May 18, 2014 at 1:24 AM, Sven Bartscher
sven.bartsc...@weltraumschlangen.de wrote:
On Sun, 18 May 2014 01:09:06 +0900
Joel Rees joel.r...@gmail.com wrote:
On Sat, May 17, 2014 at 10:39 PM, Sven Bartscher
sven.bartsc...@weltraumschlangen.de wrote:
On Sat, 17 May 2014 11:44:56 +
I might be misinterpreting your definition of meaningful, but I
have been looking for a public entropy source for my Debian system
for quite a while. If you can point me to the Debian equivalent of
pollinate and https://entropy.ubuntu.com/ that would be highly
appreciated.
To transport the
Hello,
Le 17 mai 2014 à 17:34, Richard van den Berg a écrit :
Joel Rees wrote On 17-05-14 03:19:
He gave me a link to the following site:
https://wiki.ubuntu.com/Security/Features
None of the meaningful items in that list are unavailable on Debian, and
the defaults are reasonably secure in
On Sun, 18 May 2014 01:36:44 +0900
Joel Rees joel.r...@gmail.com wrote:
There are more reasons than the X11 hole to refrain from using your
admin user to surf the web.
Just out of curiosity, what are these reasons?
Your browser and any plugins, addons, etc. that it loads, including
May be off topic, but IMO one should use an OS booted from DVD or write
protected USB Stick for online banking.
On 17. Mai 2014 18:50:42 MESZ, Sven Bartscher
sven.bartsc...@weltraumschlangen.de wrote:
On Sun, 18 May 2014 01:36:44 +0900
Joel Rees joel.r...@gmail.com wrote:
There are more
Le 17/05/2014 18:38, Jan Moskyto Matejka a écrit :
I might be misinterpreting your definition of meaningful, but I
have been looking for a public entropy source for my Debian system
for quite a while. If you can point me to the Debian equivalent of
pollinate and https://entropy.ubuntu.com/
On Sat, 17 May 2014 18:57:35 +0200
Franz Brandl franz.bra...@runbox.com wrote:
May be off topic, but IMO one should use an OS booted from DVD or write
protected USB Stick for online banking.
Assuming that no remote attacker can plug my HBCI-cardreader into the
USB-HUB, I think that is not
On Sun, May 18, 2014 at 1:50 AM, Sven Bartscher
sven.bartsc...@weltraumschlangen.de wrote:
On Sun, 18 May 2014 01:36:44 +0900
Joel Rees joel.r...@gmail.com wrote:
There are more reasons than the X11 hole to refrain from using your
admin user to surf the web.
Just out of curiosity, what
Paul Wise recently started a thread on this mailing list:
goals for hardening Debian: ideas and help wanted
What about making a wiki page in Debian wiki listing what's
implemented with references?
If you wish, I can try to start that table. I would be interested
myself what's implemented.
Joel Rees wrote On 17-05-14 18:20:
Hmm. Early boot has problems getting enough randomness (for what?),
To seed the kernel random number generator.
so let's go get some randomness from a server somebody in the Ubuntu project set up.
I never said it was a great solution, but the lack of good
Emmanuel Thierry wrote On 17-05-14 18:37:
Isn't it a better idea to use local entropy generators such as haveged instead
of online ones ?
Haveged is great, but IMHO it cannot replace a hardware PRNG.
I'm quite disturbed about using a online (and moreover third-party) service to
improve
Joel Rees dijo [Sat, May 17, 2014 at 10:06:41PM +0900]:
The problem is, that Debian lacks a page similar to:
https://wiki.ubuntu.com/Security/Features
Is that page really useful? I mean, besides as a sort of sales brochure?
Agree with this. It would be nice to have such a page, but having
On Sat, May 17, 2014 at 07:32:03PM +0200, herzogbrigit...@t-online.de wrote:
Deleted bunch of HTML, most of it formatting which I'm sure had some
text, but lost patience parsing
Could you try that again in plain text, please?
Cheers,
Tom
--
Pascal is not a high-level language.
So, ...
On Sun, May 18, 2014 at 2:32 AM, herzogbrigit...@t-online.de
herzogbrigit...@t-online.de wrote:
Paul Wise recently started a thread on this mailing list:
goals for hardening Debian: ideas and help wanted
What about making a wiki page in Debian wiki listing what's
implemented with
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
herzogbrigit...@t-online.de:
Yes it would be great if you can start with such a page. Use the
Ubuntu table as a template to start. I'll try to help as much as
I can in the wiki. Many Linux-Distros have a security features
page in their wikis.
On Sun, 2014-05-18 at 01:41 +, Patrick Schleizer wrote:
Got started:
https://wiki.debian.org/Security/Features
Anyone knows how to view (as a non-admin) the wiki markup of
https://wiki.ubuntu.com/Security/Features ? (I would like to learn by
example how wiki tables are made in moin
34 matches
Mail list logo