On Thursday 02 October 2003 22:19, you wrote: > >1. I provided them with a small display saying > >" Checked for viruses but No warranty" > > In general, requirements are probably going to have to be defined with the > purpose of meeting the library's security policy; anti-virus is only a > small part of the total plan. That may include restricted local system > access, access to only a limited number of programs and/or options, > required proxy software/settings for content filtering, etc., etc.. These > are just a few examples that might be pertinent in a public library. > > Now, part of the glory of Linux/OSS is that it is likely possible to meet > those requirements without necessarily investing in a huge legacy > infrastructure first. The same custom-built bootable Knoppix CD (for > discussion's sake only) could be pared down and secured to meet standards > while maintaining interoperability and providing a stable platform. But it > would depend on exactly what specs needed to be met to know for sure. > > What goes through my mind as a security-aware Linux user is this: not only > does a fat distro provide great applications to the average user, but also > provides tremendously powerful utilities that could be used for evil > instead of good. Anyone with a little Linux knowledge and a bad attitude > could be a potential threat to the services and reputation of the library. > > I'm not saying that this makes it a bad idea; only that there may be more > considerations that come into play when viewed from the corporate > perspective of the library. > > If it is feasible to meet library requirements, whatever they may be > (security and otherwise) without necessitating a large, co-ordinated > long-term project, I would be willing to volunteer some of my time to > ensuring that whatever distro is chosen does align with security policy. I > would also open the invitation to others who might have an interest and/or > knowledge in security-related aspects to contribute or audit any > changes/recommendations. I certainly don't know it all, and many eyes make > fewer oversights. > > Late night 2 cents on one aspect of it all. :-P > > Curtis >
Curtis, sorry some confusion here, i wasn't clear. The intention is to donate some discs for the Library to loan out, having said that i will certainly bring up the fact that there are some fairly mature Library administration programs out there! -- Graham "A person is smart. People are dumb, dangerous, panicky animals and you know it." Agent K, Men in Black.
