Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: SECURITY: Red Hat Linux 5.1 linuxconf bug
From: sergio () pratonext it (Sergio Ballestrero)
Date: Tue, 2 Jun 1998 00:13:12 +0200


  Hi all,
 i've got a few answers from people, and from the kind of answer i'm
starting to think that i have not been clear enough in the first mail. So
i apologize for this cross-posting, and for insisting on this thing, but
i'd really like you all to get my point of view.

 I have that bit of knowledge of Unix that allows me to understand that
Linuxconf is not the way to go for best system security; but it's the only
way to go to make Linux acceptable in certain environments, when the other
choice is WindowsNT. I can do, and i've done for years now, my system
administration using config files etc.;  but when i bring a Linux server
in an office, i _must_ give them an easy admin tool, else they'll ask for
NT.

 So, my point of view is a bit different from the usual BUGTRAQer's: not
to achieve absolute security, but an "acceptable" level. Still thinking
about the (very) small office server: this means that there will be no
local users, or maybe only a few, trusted ones; on the local network there
will be practically nobody experienced with unix, so no serious threat;
but there will be an Internet connection, and the server should be as safe
as possible against attacks from the external net. Now, forget about
firewalls and the rest, that the small office cannot afford: at this
point, to me, "acceptable" security means that it should at least be
"quite" secure against exploits from non-local users, and safe against
non-allowed IPs - at least as much as tcp-wrappers are.

 If this is impossible to obtain with linuxconf, then i'll have to turn to
something else - COAST, maybe, if it is any better. No matter the choice,
the point is that Linux, and Unix in general, desperately needs easy admin
tools; now that they're coming, it would be crazy to have to drop them
because they cannot guarantee _any_ security.


                                    Cheers, Sergio

 -------------------------------------------------------------------------
   Sergio Ballestrero                                    PratoNeXt s.r.l.
     System Manager                           Via Giotto 27 59100 Prato
     sergio () pratonext it                        Tel 604350 - Fax 604454
 -------------------------------------------------------------------------



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]