Hello, Aaron. > i don't think it's laziness, it's the realization > that for the vast majority of installs this is > more of a pain than anything else. on most Linux > systems, if you have a shell account you also want > to be able to switch users. on those that this > isn't the case, it's a simple matter to harden it.
The human race IS lazy; that's why we invent things. :-) My interest in the security hardness of Linux distros is rooted (no pun intended) in the seeing how Linux will or will not be adopted into enterprise to replace commercial flavours of UNIX. I am also interested in how difficult it is for novice administrators (such as myself) to be confident that one of the machines under my dominion is secure, or at least have a sense of how secure it is. Firewalls are like a security blanket (double meaning and pun intended), but firewalls can't help you when you have deliberately (eg.: webhosting customer) or unintentionally (eg.: hacker/cracker) provided access to a machine/network. The Linux HOW-TO's are a great resource for learning about how to do various things, but I have found that deducing best practices from the HOW-TO's can be difficult. When best practices are enumerated like a checklist, it then becomes easier for someone to (manually or automatedly) audit a system based upon them. I have been away from being immersed in UNIX for a few years, but I have become interested in getting back into middle tier programming. I also want to perhaps provide webhosting to non-profit organizations--but not until I feel confident that I will be able to prevent them from stepping on each others' toes. Sean Dockery SBD Consultants Certified Java Web Component Developer Certified Java Programmer Certified Delphi Programmer [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> http://www.sbdconsultants.com <http://www.sbdconsultants.com> (403) 860-2534
