On Fri Nov 05, 2004 at 16:15:13 +1100, O Plameras wrote: >Dave Airlie wrote: > >> >>but why stop at the kernel? why not build your own glibc with NSS turned >>off? who needs name service switch on a firewall, who needs bash tab >>completetion on a firewall... etc.. you are lulling yourself and your >>customers (more scary) into thinking that by u compiling a kernel you are >>making their system more secure whereas in fact you may be making their >>system less secure by not allowing them to install vendor supplied >>security updates... this is the fact that your missing, and which you >>don't seem to want to get, .. it's not so bad for you but I would feel bad >>for anyone who you push this advice on... >> >>does anyone recompile cisco pix? or Solaris kernels? do they have worse >>security? (well cisco pix is probably a crappy example ;-), say IOS >>instead) >> >> >> >Let me make clear once more this, > >The reason for re-compiling is to implement one of the many Generic >Security Policies, >namely: > >Include only those OS components that are required. There are scores of >rationalies for this.
Ok, but that is one of *your* security policies. Other peoples generic security policies include: * Allow the user to easily apply security patches. The recompiling kernel conflicts with this policy. SO there it comes down to a choice. Depending on a lot of factors (clueyness of user, risk assessment, amount of money being paid), you may deem one of these Generic Security Policies more or less important. No one here is arguing that compiling your own kernel is always bad, just saying that it isn't always appropriate. Benno -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
