Kurth Bemis wrote:
> did you search for openBSD? if so on a lot of postings they say - this
> problem was fixed in openbsd 6 months ago...that could make them show up in
> a search.....
Actually, I used the SF search utility and specified OpenBSD as the
vendor.
> thats all the security listing for ver 2.7. a lot of things on that list
> aren't installed by default....i'm not quite sure what they mean by
> default.....you can DL and install the bare minimum and it totals ~50 megs.....
Well, by the same token, the same thing can be said for Linux. I can
throw Trinux on a floppy and have a completely functional OS (not to get
into the "Is the OS just the kernel or is it all of the utilities as
well" debate, since Trinux has a whole slew of utilities). "Default" is,
as they say, in the eye of the beholder. I can do an "Everything"
install with RH7 and have 2GB worth of packages "by default", or I can
do a "Server" install and have about 120MB" by default". Or, I can do a
"default" setup of Trinux and have about 1.3MB. It seems fairly
subjective to me. I guess it's sort of like statistics. You can make
them say darn near anything you want, depending on which side of the
debate you're on.
> with the default install - a lot of what you listed below is add on
> software.....lets look at it...
As it is with most of the Linux vulnerabilities. I'd theorize that there
are *VERY* few security holes in the kernel. Almost every security hole
in Linux is the result of an additional package. I guess I just don't
get it. If there's a security hole, there's a security hole. If it's the
OS, it's the OS. If it's an additional package..... you get the point.
Kenny
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
