Considering some noise happening in the blog space over a Linux magazine article about security problems with Ubuntu server I think we should re-visit this topic. The article is at:
http://www.linux-mag.com/id/7297/2/ The key criticisms of Ubuntu server raised by Linux magazine are: 1. Default permissions of users home dirs open by default 2. Install allows for blank mysql root password 3. Allowing system accounts unnecessary shell session authority 4. Nonsensical deamons listening on the network despite other configurations servicing those needs In our previous discussion on this topic here, I introduced some personal concerns I have with Ubuntu desktop security with: 1. No firewall enabled by default 2. That AppArmor is providing a false sense of safety for users in controlling the damage zero day exploits could potentially do. AppArmor only protects one daemon, CUPS. By default it does very little. The reality is that other desktop distros such as Fedora have a far stronger set of security features than our beloved Ubuntu, I think we need to make progress on these issues. I think John previously made an excellent suggestion about using something like Plash with hooks into GTK. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
