On Thu, Jan 2, 2014 at 6:36 PM, Daniel Curtis wrote: > > Hello everyone, > > Michael web site with a statistic I've watching for time to > time. Also Debian Hardening wiki page I studied a couple of > time. > >> There is a lintian check for setuid binaries (...) >> There isn't really any group effort tackling or monitoring >> the assortment of useful hardening features (...) > > Are you trying to say, that this problem is almost without > checking, auditing etc.? You're right - there isn't really any > group effort tackling to adding/enabling additional Security > Features. Ubuntu and openSUSE doing perfectly job in this > arena. Both system using many interesting features, which > aren't available in Debian.
There simply isn't a cohesive team working on that anymore, but as upstreams do adopt hardening features, it does eventually get pulled in. Debian operates on volunteer interest. If there aren't volunteers, things unfortunately don't get done. > Anyway, it could be very nice if Debian would start to > implement AppArmor for serious - put all effort on this > (yes, there is also SELinux) because it's very simple, > intuitive, contains many profiles etc. SELinux is also good, > but is complex. Of course there is openSUSE and Ubuntu > with AppArmor so everything is even easier. It's only going to get done if there are volunteers interested in working on that. You're already interested, so you're in the best position to make it happen? Best wishes, Mike -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/CANTw=movzd4u9nd_tzrtjaj3nws6coxr4u6qibc237rmdek...@mail.gmail.com
