[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [inbox] Re: [Full-Disclosure] RE: Linux (in)security
- To: Curt Purdy <purdy@tecman.com>
- Subject: RE: [inbox] Re: [Full-Disclosure] RE: Linux (in)security
- From: Michal Zalewski <lcamtuf@ghettot.org>
- Date: Thu, 23 Oct 2003 01:51:08 +0200 (CEST)
On Wed, 22 Oct 2003, Curt Purdy wrote:
>> http://www.linuxunlimited.com/why-linux.htm
>> ``Properly configured and maintained, Linux is one of the
>> most secure operating systems available today.''
>
> The key words here are "properly configured".
Well, once "properly configured", pretty much _any_ operating system would
make it to the top 0.01% of the most secure boxes in the world. I do not
know a single popular OS that would limit your abilities to harden it up
to a point where it is impossible to do it effectively.
I know plenty of systems that lack some nice features, and that make it
difficult to configure and manage overall system security features in a
reasonable manner to make it possible for a "seasoned novice" to find out
what has to be done, and to fine-tune his OS without breaking some stuff
or making it worse.
It's just a matter of how easy it is to properly configure and secure your
system (far beyond downloading most recent patches), and how much control
_and_ supervision you're given over this process.
Popular Linux releases do not score remarkably higher than other
well-known OSes in the above.
--
------------------------- bash$ :(){ :|:&};: --
Michal Zalewski * [http://lcamtuf.coredump.cx]
Did you know that clones never use mirrors?
--------------------------- 2003-10-23 01:34 --
http://lcamtuf.coredump.cx/photo/current/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html