> All,
>
> I was just reading a review over at UNIXreview
> (http://www.unixreview.com/articles/2001/0106/0106d/0106d.htm) about
> EnGard Secure Linux. The short version is that they were pleased with
> it.
>
> The slightly longer version (which is just *MY* opinion) is that it
> looks a little bit limited. It can be used for either a web server
> (and secure online store) or a mail server. It isn't meant to be a
> firewall or anything else. It is simply a secure distribution that is
> meant to offer a few services to the public. The thing that I find to
> be most appealing about it is the security model and approach that
> they take. Rather than start out with a full-blown distro and then
> strip out everything that isn't needed, they started with nothing and
> built the distro from the ground up with security in mind. IMHO, the
> latter is a far better way to build a secure distribution because
> there isn't as much room for error. They also take a fuller view of
> what "secure" means than most. They haven't just created a system that
> can't be broken into. They have taken into account things like
> back-ups, physical access security, etc.
>
> Unfortunately, EnGarde wipes out the entire first drive in a system
> during install because it was meant to be the only thing on that
> system. Because of this, I haven't had the chance to play with it. If
> anyone out there does get a chance to use it, I would love to hear a
> first-hand report on it's merits.
It sounds like they took the right approach to making the system secure;
do not install a metric shitload of software, then strip out what is
insecure/unneded, but rather only ADD what is needed. Indeed, that has
been my approach to building severs for several years, by hacking up the
RedHat installer (gasps from audience).
But as to your comments about not being able to test it because it wants
to wipe /dev/hda, I suggest that you check out removable hard-disk trays.
No, not some fancy hot swap system, but simple $25 device that let you
poweroff and pop in a scrap 4 gig drive to intsall some curious new
distro, or whatever. I myself could not live without them in the office.
I wanna boot up windoze 98? No need to fuddle with partitions and such,
just power off and swap in a new drive, takes about 30 seconds more than
rebooting and entering something at the LILO prompt.
As far as the distro mentioned goes, do you really want to dual-boot into
win98 from your e-commerce server? If one is trying to make a good distro
for a SPECIFIC application, the last thing you are worried about is
dual-booting and such.
-LM
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
