Is anyone here running a Debian system with no daemons running as root other than init, inetd, and sshd, no SUID-root programs other than passwd, su, etc, and generally having everything locked down as much as possible (chroot's for daemons, etc)?
If so what kernel patches do you apply for security? What do you consider to be the main area of weakness in your system security that needs to be addressed? What needs to be done to improve the general Debian security? Please CC me on any replies as I'm not subscribed. Please feel free to reply by a private message (I will summarise responses without information on who sent them to me and forward them to other interested people except where requested to do otherwise). I am interested in improving the general security of Debian and am involved in some discussions as to what is the best way to do it. I am searching for background data to help with this. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
