Full Disclosure mailing list archives
RE: [inbox] Re: RE: Linux (in)security
From: Michal Zalewski <lcamtuf () ghettot org>
Date: Thu, 23 Oct 2003 01:51:08 +0200 (CEST)
On Wed, 22 Oct 2003, Curt Purdy wrote:
http://www.linuxunlimited.com/why-linux.htm ``Properly configured and maintained, Linux is one of the most secure operating systems available today.''The key words here are "properly configured".
Well, once "properly configured", pretty much _any_ operating system would make it to the top 0.01% of the most secure boxes in the world. I do not know a single popular OS that would limit your abilities to harden it up to a point where it is impossible to do it effectively. I know plenty of systems that lack some nice features, and that make it difficult to configure and manage overall system security features in a reasonable manner to make it possible for a "seasoned novice" to find out what has to be done, and to fine-tune his OS without breaking some stuff or making it worse. It's just a matter of how easy it is to properly configure and secure your system (far beyond downloading most recent patches), and how much control _and_ supervision you're given over this process. Popular Linux releases do not score remarkably higher than other well-known OSes in the above. -- ------------------------- bash$ :(){ :|:&};: -- Michal Zalewski * [http://lcamtuf.coredump.cx] Did you know that clones never use mirrors? --------------------------- 2003-10-23 01:34 -- http://lcamtuf.coredump.cx/photo/current/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Linux (in)security Schmehl, Paul L (Oct 22)
- Re: RE: Linux (in)security Thomas Binder (Oct 22)
- RE: RE: Linux (in)security Edward W. Ray (Oct 22)
- RE: RE: Linux (in)security Arcturus (Oct 22)
- Re: RE: Linux (in)security Jeremiah Cornelius (Oct 22)
- Re: RE: Linux (in)security Mr. Rufus Faloofus (Oct 22)
- Re: RE: Linux (in)security Peter Busser (Oct 22)
- Re: RE: Linux (in)security Cael Abal (Oct 22)
- Re: RE: Linux (in)security Peter Busser (Oct 23)
- RE: RE: Linux (in)security Edward W. Ray (Oct 22)
- RE: [inbox] Re: RE: Linux (in)security Curt Purdy (Oct 22)
- RE: [inbox] Re: RE: Linux (in)security Michal Zalewski (Oct 22)
- RE: [inbox] Re: RE: Linux (in)security Ron DuFresne (Oct 23)
- RE: [inbox] Re: RE: Linux (in)security Curt Purdy (Oct 23)
- RE: [inbox] Re: RE: Linux (in)security Michal Zalewski (Oct 23)
- RE: [inbox] Re: RE: Linux (in)security Ron DuFresne (Oct 23)
- Re: [inbox] Re: RE: Linux (in)security William Warren (Oct 23)
- Re: [inbox] Re: RE: Linux (in)security Ron DuFresne (Oct 24)
- Re: RE: Linux (in)security Thomas Binder (Oct 22)
- Re: [inbox] Re: RE: Linux (in)security Jeremiah Cornelius (Oct 23)
- RE: [inbox] Re: RE: Linux (in)security Paul Schmehl (Oct 23)
- RE: [inbox] Re: RE: Linux (in)security Andy Wood (Oct 23)
- RE: [inbox] Re: RE: Linux (in)security Paul Schmehl (Oct 23)