Rafael 'Dido' Sevilla wrote:
>
> Personally, I think this is impossible. No system can be absolutely
secure
> out of the box. Remember that every server deployed has a purpose,
> and without taking this purpose into account, you have many potential
> insecurities. Admittedly, Linux distro vendors could do a better
> job of making a more secure default install, but ultimately, there
> is no one-size-fits-all charm.
I didn't mean absolutely secure ("the only secure computer is one that's
in a safe, buried twenty feet underground"). At least make an OOB
install secure from the standard rootkits and other toolz the script
kiddiez use.
Witness the large difference between the security postures of Red Hat
6.2 vis-a-vis Trustix or Bastille Linux default installs. The standard
deviation should be made smaller between distributions.
I know different servers have different purposes but is it too much to
ask for safety from the script kiddiez?
However, security ultimately rests in the hands of the admin and not the
vendor.
>> Dobol Jeopardy! What makes Micro$oft software exempt from Product
Liability
>> laws.
>>
>>
>
> Their EULA.
Makes me wonder if anybody actually reads those things. Either
a) Windoze came pre-installed, so nobody reads it
b) When it popped up, they just click on "Accept" without reading it through
c) If they do read it through the end, they just shrug their shoulders
and press accept anyway
d) they read it thru, are disgusted, reboot the machine and install
GNU/Linux instead.
When a similar EULA was on passport/hotmail which basically said that
Micro$oft 0|/\|n3d every email you sent/received on hotmail, a lot of
people went up in arms and started putting .hotmail.com in their MTA
site deny lists. This prompted M$oft to chage the EULA for passport.
Will anyone bother to read the EULA for Win XP?
--
Inocencio Daniel Cortes Maramba, MD |http://upcm.net/%7eidcm/
Assistant Professor, Medical Informatics Unit|"Insert witty saying here"
College of Medicine |[EMAIL PROTECTED]
University of the Philippines Manila |"Dude, that kicks ass!"
_
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
To subscribe to the Linux Newbies' List: send "subscribe" in the body to
[EMAIL PROTECTED]
