i believe there should be at least a document about securing an Ubuntu server after the default install. I "grew up" using slackware as a server and i don't really care if a server is "hard" to set up as long as the core OS is secure, and i had no idea that the home directories in Ubuntu were world-readable, my fault i know, but i assumed it was default in all linux installs. I understand the concept of "linux for humans" but humans should also secure their servers.
On the other hand, the applications is completely other subject, i mean, they are supposed to be configured, and not left with default settings, specially public services as mail/database, etc. Bottom line is, the article may not be good, but it is a great tool as feedback for the server team, and constructive critisism is needed to improve overall. Keep up the good work. On Tue, Apr 14, 2009 at 9:30 AM, <n2...@verizon.net> wrote: > The second page is reachable now. > > Opinions vary, but the author has some points, IMHO. > > I'm not fond of his condecending attitude (maybe I'm just overly > defensive), but I think this article could have been improved it were more > of a cookbook on how to secure an Ubuntu Server install, not focused on > listing choices the author doesn't like. > > What do I mean by this, his first example reguarding world-readable users > directories - the author got very close to saying how to fix the issue (by > altering the DIR_MODE value in the /etc/adduser.conf file). > > As for the condecension I saw, the author assumes that the Server > distributions "designers" actively choose to go with insecure options and > settings in the default install - my choosing to include packages that are > insecure, a choice is made, but if that is the only version of the software > available, the choice is to include it or not, and if it is not included, it > will still likely be downloaded and installed by an end-user - what would > that accomplish? The same insecure server, more effort to set up the server. > > Opinions vary, and this article lists the authors opinions, but there are > some valid points in there. > > Ken > > > Apr 14, 2009 10:24:57 AM, albertosie...@aesetres.com wrote: > > what do you guys think? > > http://www.linux-mag.com/id/7297/1 > * > "Ubuntu Server has one of the cleanest and easiest Linux distribution > installers. However, in many cases, its designers choose to ignore security > in favor of ease-of-use. The result? An install that is not secure by > default."* > > -- > Alberto Sierra Reales [aesetres] > IT Consultant > Cel. 8319-1805 > > > ------------------------------ > > -- > ubuntu-server mailing list > ubuntu-server@lists.ubuntu.com > https://lists.ubuntu.com/mailman/listinfo/ubuntu-server > More info: https://wiki.ubuntu.com/ServerTeam > > -- Alberto Sierra Reales [aesetres] IT Consultant Cel. 8319-1805
-- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam