As this issue is of wider interest I'll BCC you and reply to the debian-user list.
On Fri, 21 Mar 2003 23:48, you wrote: > On March 21, 2003 05:27 am, Russell Coker wrote: > > If you install SE Linux then you get much better control over your > > system. When Apache can't even see other processes or write to /tmp it > > makes such exploits much more difficult. > > Are you still maintaining the SE Linux packages, is it possible to install > an SE Linux Woody system? I am maintaining packages for Debian/Unstable, Brian is maintaining packages for Woody. At the sourceforge web site go to the "Docs" link and the first document explains how to install SE Linux on Debian. http://sourceforge.net/projects/selinux/ > Have you heard of the Trusted Debian project > (http://www.trusteddebian.org/) and RSBAC? If you have compared them, I'd > be interested in your comments. The "Trusted Debian" project is based on RSBAC which is not as widely supported as SE Linux. Also it is based around the idea of re-packaging all Debian software which is a huge amount of work. I currently maintain 21 Debian packages for SE Linux which is more than enough work, maintaining a fork of all the base packages would be a huge amount of work. I doubt that the Trusted Debian people will be able to keep up with the range of packages that you will want to use. Also there seems to be no information on who makes this "Trusted Debian". The mailing list archives are broken links and there is no public information on who is behind the project. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
