Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

RE: [inbox] Re: RE: Linux (in)security

From: Michal Zalewski <lcamtuf () ghettot org>
Date: Thu, 23 Oct 2003 01:51:08 +0200 (CEST)
On Wed, 22 Oct 2003, Curt Purdy wrote:


http://www.linuxunlimited.com/why-linux.htm
``Properly configured and maintained, Linux is one of the
most secure operating systems available today.''


The key words here are "properly configured".


Well, once "properly configured", pretty much _any_ operating system would
make it to the top 0.01% of the most secure boxes in the world. I do not
know a single popular OS that would limit your abilities to harden it up
to a point where it is impossible to do it effectively.

I know plenty of systems that lack some nice features, and that make it
difficult to configure and manage overall system security features in a
reasonable manner to make it possible for a "seasoned novice" to find out
what has to be done, and to fine-tune his OS without breaking some stuff
or making it worse.

It's just a matter of how easy it is to properly configure and secure your
system (far beyond downloading most recent patches), and how much control
_and_ supervision you're given over this process.

Popular Linux releases do not score remarkably higher than other
well-known OSes in the above.

-- 
------------------------- bash$ :(){ :|:&};: --
 Michal Zalewski * [http://lcamtuf.coredump.cx]
    Did you know that clones never use mirrors?
--------------------------- 2003-10-23 01:34 --

   http://lcamtuf.coredump.cx/photo/current/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: