> On Friday 6 June 2003 21.27, Vincent Danen wrote:
>> > I'm thinking more like the next release, possible ways to claim a
>> > more "secure" os. It's just a way of thinking..., maybe we could do
>> > this and get away with it, or maybe not. The usability will have to
>> > remain, but certain things would have to change, like access to
>> > certain functions.
>> >
>> > Well..., never mind...
>>
>> Maybe something along the lines of bastille or harden_suse,
>> specifically tailored to Mandrake, would be in order. Some subset of
>> msec that you run once and it goes through some configs and makes
>> changes (and reports what changes it makes). But a one-time thing so
>> that if you change something back, it doesn't come along the next day
>> and "fix" it for you.
>

The big issue is making these things transparent and understandable to the user ...

> I haven't tried suse, but this could be it. I think this is what I
> meant, or wanted in the first place..., too bad I suck putting what I
> mean into words. But I believe I mentioned msec, or maybe that's not it?
> Maybe I really had the bastille stuff in mind after all. I wonder if we
> could use parts of suse and/or bastille for this? I know it would
> require resources from mandrake to fix this, but... I won't fix this
> myself, not singlehandedly anyhow, no way. There are more enlightened
> people than me who should author this.
>
> As usual..., just a couple of ideas.

Well, I think we need to start looking at the requirements for good handling of configuration for all services, including security aspects. libconf (those who haven't looked at it should at least go and read in the wiki) seems to be a really good backend, and IMHO we should aim to have all configurations a typical newbie-ish admin would want to do available via a frontend that uses libconf (otherwise we lose its features, such as having all comments in smb.conf removed if someone uses SWAT).

>
> For example if you install the "kernel-secure" stuff you should not be
> surprised if mod_index is not there. You should cope with no "phpinfo()"
> like functions, etc.

Unfortunately, too many people reckon they can be secure just by installing the secure versions, and don't think there will be anything different :-(.

We mustn't hide things from the user. If it's secure by default, that's fine, but we need to give the user the freedom to have functionality without having to know every config file he has to edit ...

Regards,
Buchan
