On 05/02/10 16:13, Stefan Behte wrote:
Hi,
in some environments you have to rename root to something else, just
to be compliant to a (maybe dumb) security policy. This might be the
case for PCI, and as far as I remember, it is necessary (not just
recommended) for a BSI Grundschutz
Hi,
in some environments you have to rename root to something else, just
to be compliant to a (maybe dumb) security policy. This might be the
case for PCI, and as far as I remember, it is necessary (not just
recommended) for a BSI Grundschutz certification (meaning something
like basic security
Peter Volkov wrote:
?? ??, 13/04/2010 ?? 17:18 +0530, Nirbheek Chauhan ??:
The traditional ChangeLog that is currently employed in gentoo-x86
(and in other projects) is simply an ugly hack
The difference between gentoo-x86 ebuild ChangeLogs and ChangeLogs used
in other
02.05.2010 17:23, Krzysztof Pawlik wrote:
Interesting... to me that's not only stupid but also kinda useless - there's
no
difference between brute-forcing a password for user named 'foo' or 'root' -
user name doesn't matter much.
It's better to disable password-based remote login altogether
* Alec Warner anta...@gentoo.org schrieb:
Except as stated they are not fixed (as Fabian pointed out). I'm
happy to support something like setting ROOT_UID and ROOT_GID in
gentoo-x86 profiles and using those. Then if you want to do something
utterly ridiculous to your system you can just
* Krzysztof Pawlik nelch...@gentoo.org schrieb:
Interesting... to me that's not only stupid but also kinda useless - there's
no
difference between brute-forcing a password for user named 'foo' or 'root' -
user name doesn't matter much. Actually according to my ssh logs attackers
usually
hi folks,
just in case anybody's interested:
I've written a little paper on the OSS-QM project, which aims to
provide fixed sourcetrees to many packages+versions and so offload
much of the QM/patching work from individual distros to a common
place:
* Stefan Behte cr...@gentoo.org schrieb:
in some environments you have to rename root to something else, just
to be compliant to a (maybe dumb) security policy. This might be the
case for PCI, and as far as I remember, it is necessary (not just
recommended) for a BSI Grundschutz certification
The attached list notes all of the packages that were added or removed
from the tree, for the week ending 2010-05-02 23h59 UTC.
Removals:
sys-devel/binutils-nios22010-04-26 05:59:41 vapier
sys-fs/btrfs2010-04-28 15:21:09 lavajoe
xfce-extra/xfce4-volstatus-icon