On 17 February 2011 16:36, Lars Wirzenius <l...@liw.fi> wrote:
> It would be really cool if there was an automatic auditor for people to
> use. Not just showing emblems in Nautilus, but offering to fix things as
> well. Here's how I imagine it might work.
(...)

From your description you are not only looking at an 'auditor' but also a hardening tool. These two niches are (sub-optimally) covered in Debian separately by the Tiger security tool and Bastille, which I maintain. Unfortunately, both of these tools are more oriented towards security-knowledgeable users than end home users and they lack a "nice" GUI: Tiger's reports are simple text files and Bastille uses perl-tk, which is, hmmm, a little bit ugly.

Other approaches I've seen in other distributions are SuSE's yast security "levels" [1] and Mandrake's msec tool [2]. The concept of these tools is good, since they both define profiles for different (typical) users and try to set some system configuration variables accordingly. In addition, Mandrake's msec also configures periodic reviews of the system (something we in Debian implement through checksecurity or Tiger).

None of them, however, take the "expert system" approach you are suggesting, i.e. they do not ask the user what type of system they have, which security level they want and provide a list of things "to fix". The user just selects a desired security level and the tool implements all the associated "improvements" to get to that level.

Anyway, your idea is nice, and IMHO could be a proposal for this year's GSOC. I would happily mentor (or co-mentor) such a tool, even though my past experience is that GSOC proposals related to OS security do not grab too much attention / student requests. For reference see [3] [4] [5] [6]; of these, only [3] had a followup.

Regards

Javier

PS: RedHat uses the 'system-config-securitylevel' which is used to configure firewall rules and SELinux but it is a different approach.

[1] http://doc.opensuse.org/products/draft/SLES/SLES-security/cha.yast_security.html
[2] http://wiki.mandriva.com/en/Draksec
[3] http://wiki.debian.org/SummerOfCode2007/ovalagent
[4] http://wiki.debian.org/SummerOfCode2007/commonsecuritychecks
[5] http://wiki.debian.org/SummerOfCode2007/autosecreview
[6] http://wiki.debian.org/SummerOfCode2008/SecurityPolicy