
 Secure-SLinux - SSLX-Server branch
Section: Unix

 

Added: Thu, Jul 13th 2006 10:35 UTC (2 years, 0 months ago) Updated: Wed, Jul 18th 2007 16:31 UTC (1 year, 0 months ago)


About:
Secure-SLinux is a secure, stable and full-featured OS for professional enterprise servers. It is based on the Linux kernel and GNU glibc. It is quick to install (10 minutes), hardened (GRSecurity, PAX, RBAC, SSP, frandom, loop-aes, etc.), and easy to administrate. There are precompiled binary releases for console only and XOrg-based systems.

Author:
Sebastian Faulborn <info __at__ secure __dash__ slinux __dot__ org>

Rating:
(not rated)

Homepage:
http://www.secure-slinux.org
Tar/BZ2:
ftp://ftp.aliensoft.org/pub/secure-slinux
Bug tracker:
http://sourceforge.net/tracker/?group_id=163367

Trove categories:
[Development Status]  5 - Production/Stable
[Environment]  Console (Framebuffer Based), X11 Applications :: GTK
[Intended Audience]  Advanced End Users, Developers, System Administrators
[License]  OSI Approved :: GNU General Public License (GPL)
[Operating System]  POSIX :: Linux
[Topic]  Desktop Environment :: Window Managers :: XFCE, Security, System :: Operating System :: Linux Distributions

Dependencies:
No dependencies filed

 
Project admins:
» Sebastian Faulborn (Owner)

» Vitality: 0.00% (Rank 10277)
» Popularity: 0.57% (Rank 10364)

   Record hits: 5,215
   URL hits: 1,613
   Subscribers: 17

Other projects from the same categories:
mod_auth_pubtkt
Nmap Security Scanner
Obol
RPanther2
Cyberduck

Users who subscribed to this project also subscribed to:
parlement
Softgun
FreeDup
dinamica
Bouquet: a graph generator



 Branches

Branch | Version | Last release | License
SSLX-Server (For servers that don't need X Windows.) | 1.0.0pre1 | 28-Jun-2007 | GNU General Public License (GPL)
SSLX-CD (The live CD.) | 0.3.1stable-i586-cd-v1 | 18-Sep-2006 | GNU General Public License (GPL)
SSLX-Desktop (The Secure-SLinux desktop environment.) | 1.0.0pre2 | 18-Jul-2007 | GNU General Public License (GPL)

 Comments

[»] what's the package system?
by Michael Shigorin - Jun 28th 2007 05:10:52

I've tried to identify what one of the crucial system security management tools, software [package] mgmt system, is -- and so far it failed.

Could you please elaborate on that on project's webpage? Since there are lots of misleading or irrelevant words there (like, "everything you need and no more" is moot unless you know precisely what I do need; "installed in just 10 minutes" is completely non-issue for security related products where the time is measured till the "production ready system" point; and "professional enterprise servers" these days are harder to impossible to run with 2.4.x) -- but not a word on that matter, and so far I don't like FHS violations like /usr_static or /usr/{sslx,suid-bin}.

Please also note that kernel's important to system security but far from being critical unless there's IP stack vulnerability or you've lost local access defences to an attacker. Do you do privsep? It's nice to see SUID binaries not available to the world but successful attack on account in "admin" group would gain a lot of ground to build upon.

In ALT Linux, we generally ship SUID/SGID binaries "restricted" (root, nosuid) by default with a control(8) mechanism -- initially developed at Owl which _is_ quite genuine security oriented server distro by professional and well-known hackers in the area -- to achieve persistent permissions which are determined by an administrator, not just distribution.

Sorry to reiterate, but what's out there to prove that SSLX is actually suitable "for professional enterprise servers" as stated on its homepage? I've seen at least Linux Netwosix one-boy project to just dry out in half a year from overestimating its own importance (site offline as of today), and there were "stable/secure/enterprise server" claims and ill buzz all around and even some advisory spam in bugtraq. That was clearly not the best free software developers can do to gain credibility.

--
Michael Shigorin mike SOMEWHERE AT altlinux PLUS DOT org
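
The comment above distinguishes SUID/SGID binaries that anyone may run from those reachable only through an "admin" group or by the owner alone. The following Python script is an added example, not part of the original thread or of either distribution: it sorts such files by who can execute them. The gid 10 standing in for the "admin" group and the sample paths are constructed assumptions.

```python
#!/usr/bin/env python3
"""Classify SUID/SGID executables by who is allowed to run them."""
import os
import stat
import sys
from collections import namedtuple

# One filesystem entry: path, st_mode, owner uid, owner gid.
Entry = namedtuple("Entry", "path mode uid gid")

# Constructed sample data (not taken from any real system); gid 10 stands in
# for the "admin" group, which is an assumption of this example.
SAMPLE = [
    Entry("/sample/su",       0o104750, 0, 10),  # SUID root, group-exec only
    Entry("/sample/ping",     0o104755, 0, 0),   # SUID root, world-exec
    Entry("/sample/passwd",   0o104700, 0, 0),   # SUID root, owner-exec only
    Entry("/sample/wall",     0o102755, 0, 5),   # SGID, world-exec
    Entry("/sample/lockfile", 0o102644, 0, 0),   # SGID bit without group-exec
]

# Widest exposure first, so the entries needing review head the report.
ORDER = {"world": 0, "admin-group": 1, "group": 2, "owner": 3, "none": 4}


def scan(root):
    """Walk root without following symlinks; yield regular SUID/SGID files."""
    for dirpath, _dirs, files in os.walk(root, followlinks=False):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)
            except OSError:
                continue  # vanished or unreadable entry, skip it
            special = st.st_mode & (stat.S_ISUID | stat.S_ISGID)
            if stat.S_ISREG(st.st_mode) and special:
                yield Entry(path, st.st_mode, st.st_uid, st.st_gid)


def reach(entry):
    """Return the widest class of users holding an execute bit."""
    if entry.mode & stat.S_IXOTH:
        return "world"
    if entry.mode & stat.S_IXGRP:
        return "group"
    if entry.mode & stat.S_IXUSR:
        return "owner"
    return "none"


def audit(entries, admin_gids=frozenset()):
    """Return (path, identity granted, who can run it), widest reach first."""
    findings = []
    for e in entries:
        grants = []
        if e.mode & stat.S_ISUID:
            grants.append("uid=%d" % e.uid)
        # On Linux the SGID bit without group-exec is the mandatory-locking
        # flag, not a set-group-ID executable, so it grants nothing on exec.
        if e.mode & stat.S_ISGID and e.mode & stat.S_IXGRP:
            grants.append("gid=%d" % e.gid)
        if not grants:
            continue
        who = reach(e)
        if who == "group" and e.gid in admin_gids:
            # Reachable by compromising any account in the admin group.
            who = "admin-group"
        findings.append((e.path, "+".join(grants), who))
    return sorted(findings, key=lambda f: (ORDER[f[2]], f[0]))


if __name__ == "__main__":
    # With a directory argument, audit that tree; otherwise use the sample.
    source = scan(sys.argv[1]) if len(sys.argv) > 1 else SAMPLE
    for path, grants, who in audit(source, admin_gids={10}):
        print("%-12s %-12s %s" % (who, grants, path))
```

Entries reported as "admin-group" are the ones the comment is concerned with: the privileged identity they grant is one compromised admin-group account away.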



    [»] Re: what's the package system?
    by Sebastian Faulborn - Jul 15th 2007 12:22:35


    > I've tried to identify what one of the

    > crucial system security management

    > tools, software [package] mgmt system,

    > is -- and so far it failed.


    I am still elaborating on the best package management technique and will probably be using my own creation since all package management systems I have tried have serious problems I don't like (despite the fact they are used widely by other distros - eg. rpm).

    For this reason there are only 2 packages: SSLX-Server and SSLX-Desktop. In my experience it is very dangerous and does not add stability if you can update individual packages. Lots of packages depend on other packages of a specific version (eg. glibc or GNOME). With Secure-SLinux you will either update all packages or none.


    >

    > Could you please elaborate on that on

    > project's webpage? Since there are lots

    > of misleading or irrelevant words there

    > (like, "everything you need and no more"

    > is moot unless you know precisely what I

    > do need; "installed in just 10 minutes"

    > is completely non-issue for security

    > related products where the time is

    > measured till the "production ready

    > system" point; and "professional

    > enterprise servers" these days are

    > harder to impossible to run with 2.4.x)

    > -- but not a word on that matter, and so

    > far I don't like FHS violations like

    > /usr_static or /usr/{sslx,suid-bin}.

    >


    Well, you can say the same thing about nearly every distro. I admit that the Secure-SLinux homepage currently does not contain a sufficient details page which would answer your questions. There has just not been enough time to get the homepage in shape on all the details.

    To answer at least some of your points:

    "everything you need and no more":
    Secure-SLinux contains everything you need for working with linux. It contains more of the "serious" apps which are often missing in other distros or which are simply misconfigured (does vi now work on RedHat in german locale (backspace, page up/down); can I compile perl modules although distro is in UTF-8; do man pages work; root on top of LVM2 on top of encrypted raid-1 with a GnuPG encrypted multi-key?). Note however that Secure-SLinux only provides a base system. It will not come with thousands of apps preconfigured the way the distro wants it like so many other mainstream distros. There are many reasons for this:
    - In professional enterprise environments you will often need features which are not enabled in the distro's installation or cannot be configured with the graphical configuration tools. So you will have to install them yourself anyway (eg. Apache, MySQL, Oracle, etc.)
    - If there are thousands of apps preinstalled it is nearly impossible to keep the system secure (eg. configuration, what is really running in the background?)
    - I myself have always found myself deinstalling everything I won't need, deactivate the rest, install the progs I need, compile a new kernel with the patches I need (and I don't need a patch enabling Chinese characters etc. which breaks other things...).

    "installed in just 10 minutes":
    I don't understand why installing a distro on a computer takes so long. RedHat/Suse takes at least 25Min. + configuration. Windows takes at least 1 hour! If you ever had to install some 25 Servers - yes it matters then. I can install Secure-SLinux in just under 7 minutes - including networking, keyboard, fstab - all you need for a running server.

    "professional enterprise servers":
    Can you tell me a single app which will not run under 2.4.* kernels? Most apps only depend on glibc (and other packages which in the end depend on glibc). Glibc and XOrg additionally depend on the kernel but have no problem with 2.4.* kernels. GRSecurity and MySQL recommend 2.4 for stability. I have found that 2.6 kernels still undergo so much change that some versions did not even boot my server. This is not what I understand under "problem free".

    "FHS violations":
    I don't like the FHS at all and cannot understand that they are so much off any real life server! They are a standard and standards have advantages. That's why Secure-SLinux sticks as much as possible to standards. But the FHS has many directories which nobody needs (eg. /var/tmp, /var/cache /var/lib - only one is needed) and is missing a whole lot of directories eg. for distros to put their stuff in (for this reason every distro has its own way to hide their config/package management files).


    > Please also note that kernel's important

    > to system security but far from being

    > critical unless there's IP stack

    > vulnerability or you've lost local

    > access defences to an attacker. Do you


    The kernel is important for stability. The reason why there have not been so many vulnerabilities in the kernel in the past is because linux is simply so stable. If you ever have run the testsuite of glibc with a wrongly configured kernel you will know that the correct kernel matters.


    > do privsep? It's nice to see SUID

    > binaries not available to the world but

    > successful attack on account in "admin"

    > group would gain a lot of ground to

    > build upon.


    a) not if you use gradm of GRSecurity which restricts every binary a lot more than chroot.
    b) Most servers nowadays offer services to the outside world. Only the admins are allowed to log into the server. Secure-SLinux is designed to protect you against attacks from the outside. SSP stops more than 95% of all attacks, PAX and GRSecurity kill apps on most of the remaining attacks. You should run every app under its own user. So becoming the admin user would mean you need to escalate privileges which would be just as difficult as becoming root. Then again with gradm, root is not a superuser anymore - so I think there are many protections in Secure-SLinux (and many more) to protect you.


    >

    > In ALT Linux, we generally ship

    > SUID/SGID binaries "restricted" (root,

    > nosuid) by default with a control(8)

    > mechanism -- initially developed at Owl

    > which _is_ quite genuine security

    > oriented server distro by professional

    > and well-known hackers in the area -- to

    > achieve persistent permissions which are

    > determined by an administrator, not just

    > distribution.


    You can spend a lot of time thinking of theoretical mechanisms which might improve security. However a system must be practical. There is a tradeoff between the ability for a reasonably experienced administrator still being able to handle the security features of the system and security itself. Secure-SLinux tries a practical balance between the two. Some people might need another compromise - most people will be happy with the way Secure-SLinux handles security.


    >

    > Sorry to reiterate, but what's out there

    > to prove that SSLX is actually suitable

    > "for professional enterprise servers" as

    > stated on its homepage? I've seen at

    > least Linux Netwosix one-boy project to

    > just dry out in half a year from

    > overestimating its own importance (site

    > offline as of today), and there were

    > "stable/secure/enterprise server" claims

    > and ill buzz all around and even some

    > advisory spam in bugtraq. That was

    > clearly not the best free software

    > developers can do to gain credibility.



    If you don't like Secure-SLinux then don't use it. There have been over 1100 downloads in the past months - so there are people who like Secure-SLinux.



    --
    Sebastian Faulborn Homepage: www.secure-slinux.org



      [»] Re: what's the package system?
      by Michael Shigorin - Aug 5th 2007 13:46:26


      > I am still elaborating on the best

      > package management technique and will

      > probably be using my own creation

      One well might fail at that particular task since fixing current package managers' _real_ problems implies having way more experience with them than "I end up compiling half the system by hand"... Not that everyone and his dog _does_ need PM, but the lack of it turns "enterprise grade" advertising into something false.

      I can explain if you wish, but it boils down to support time/cost and maintenance reliability.

      BTW there's rpm5.org, you can join the rewrite if you have problems with rpm4; I do have but being rather a scripting language developer not sys-level C one, wouldn't really help. Still, our rpm maintainer is on rpm5 team (Dmitry Levin).


      > In my experience it is very dangerous

      > and does not add stability if you can

      > update individual packages.

      My experience is the other way around, but then again I don't use Red Hat or its derivatives (ALT is rpm-based but also employs apt-rpm for higher-level management). E.g. I can schedule updates application by means of cron(8) which helps to maintain quite a few systems.


      > To answer at least some of your points:

      Thanks; might be worth putting somewhere on the site?


      > "everything you need and no more":

      > Secure-SLinux contains everything you

      > need for working with linux.

      Does it provide graphviz and evms? (the question is ridiculous, there are packages missing in the largest distros but I actually use these; there is simply no distro providing "everything you need" for everyone)


      > So you will have to install them yourself anyway

      > (eg. Apache, MySQL, Oracle, etc.)

      Ouch! Any high-level admin I know would (re)package the build, not install from tarball. Delivering slackware is the worst thing that IT may do to an enterprise, it's just a mess to hand over or take over. Seen that :(

      Oracle is a special case though.


      > - If there are thousands of apps

      > preinstalled it is nearly impossible to

      > keep the system secure

      +1 (especially if there are lots of unneeded ones)

      > - I myself have always found myself

      > deinstalling everything I won't need

      Hm, I usually just don't install what doesn't belong there. Our distros don't force me to.

      You can look here to find that ALT's basesystem is *very* spartan (removing apt and libs needed makes tarball ~4M smaller yet):

      http://download.openvz.org/contrib/template/precreated/
      http://download.openvz.org/template/precreated/

      ALT's minimal reasonable root fs in gzipped tarball weighs 20--24M, while Slackware's 26--29M, CentOS 33--60M, Debian's 42--50M, Fedora's 33--61M, and minimal Ubuntu is whopping 60M. We don't believe in bloat you can guess :)


      > "installed in just 10 minutes":

      > I don't understand why installing a

      > distro on a computer takes so long.

      Me too; well I've benchmarked ALT's latest server release in qemu (+kqemu) on a 3700+. Basesystem with standard and openvz kernels, lilo, root user and an unprivileged user was in place in under 4 minutes; another minute, and DNS server is added, interfaces, timezone and something else configured, rebooting.

      5 minutes total. :) The ISO used is here:
      ftp://ftp.altlinux.org/pub/distributions/ALTLinux/4.0/Server/4.0.1/iso/Server-4.0.1-i586-install.iso


      > "professional enterprise servers":

      > Can you tell me a single app which will

      > not run under 2.4.* kernels?

      glibc-2.4+ and NPTL :(

      I did prefer 2.4.x until the last year (ca. 2.6.18) when I/O sched got fixed, particularly, and our distro switched mostly due to hardware support and recent glibc. There wasn't much sense to stay until it would be officially unsupported.

      The kernel is patched and built well beyond my skills, and those do include 2.0 to 2.5 and a homegrown patch for 2.2. :)


      > "FHS violations":

      > I don't like the FHS at all

      Ah, okay.


      > But the FHS has many directories which

      > nobody needs (eg. /var/tmp, /var/cache /var/lib

      > - only one is needed)

      Hm, I find myself using all of them for very different purposes; e.g. mmcache or php sessions in /var/cache, chroots in /var/lib and semi-temporary data in /var/tmp. BTW do you employ chrooted services? :)


      > and is missing a whole lot of

      > directories eg. for distros to put their

      > stuff in (for this reason every distro

      > has its own way to hide their

      > config/package management files).

      Hm, /var/lib/rpm and /var/cache/apt are extremely uniform across everything I've seen with them.


      > If you ever have run the

      > testsuite of glibc with a wrongly

      > configured kernel you will know that the

      > correct kernel matters.

      Well I do a bit. That's why I prefer the kernel packages by competent kernel hackers on the team, mine would probably work but the difference's in corner cases (which do define stability beyond basic one).


      > However a system must be practical.

      Yup!


      > Secure-SLinux tries a practical balance

      > between the two.

      The funny thing is "we do too" :)


      > If you don't like Secure-SLinux then don't use it.

      Sebastian, I wouldn't spend time talking with you if I didn't like at least something about either you or things you do, right? :)

      I'm rather asking the basic questions that aren't answered on the homepage to hopefully help you with getting them answered _there_, maybe borrowing an interesting detail or two, and maybe offering something in return.

      I'm also not an expert in security but do have some experience in this area, most of it being just practical.

      And just as you, was quite disappointed at what "mainstream" distros do to go and look for something else. Having found my "harbour", I'd like to propose you to look a bit better at Adamantix, Owl, or (well) ALT to either find robust product (which needs less work to get a server) and nice team (which helps more than hurts), or at least borrow some decent ideas from them.

      It's pretty boring to maintain a distro with two hands from kernel to website, I've seen that in detail.

      Anyways, thanks for the answers and good luck!

      --
      Michael Shigorin mike SOMEWHERE AT altlinux PLUS DOT org



        [»] Re: what's the package system?
        by Sebastian Faulborn - Aug 9th 2007 00:46:37


        >

        >

        > % In my experience it is very dangerous

        > % and does not add stability if you can

        > % update individual packages.

        >

        >

        > My experience is the other way around,

        > but then again I don't use Red Hat or

        > its derivatives (ALT is rpm-based but

        > also employs apt-rpm for higher-level

        > management). E.g. I can schedule

        > updates application by means of cron(8)

        > which helps to maintain quite a few

        > systems.

        >

        The problem is that you assume that when all packages are bug free, you are on the safe side. However a) Linux consists of millions of lines of code and has at least (according to some statistics) 1 serious bug every 1000 lines of code (which is a lot better than most commercial products). b) when you update it will only fix bugs which are currently known. There is no guarantee that there are bugs which hackers know but not anyone else.

        So what can we do? A hardened system detects malicious behaviour and kills applications accordingly. SSP/PAX/GRSecurity will detect unusual behaviour and will stop the application before any harm is done. Even for bugs which are unknown. So I think having automated updates is a fine thing but does not improve security nearly as much as distro sellers are claiming.


        >

        > % To answer at least some of your

        > points:

        >

        >

        > % "everything you need and no more":

        > % Secure-SLinux contains everything you

        > % need for working with linux.

        >

        >

        > Does it provide graphviz and evms? (the

        > question is ridiculous, there are

        > packages missing in the largest distros

        > but I actually use these; there is

        > simply no distro providing "everything

        > you need" for everyone)

        >

        Well if you read a bit more carefully: Secure-SLinux claims that it contains all those little programs you need for your everyday work and also all libraries you need for most applications you want to install. It further on explains that Secure-SLinux does not come with any of the big server applications - since there are so many different ways you can compile, patch and configure them, that you will probably install those applications your way anyway.


        >

        > % So you will have to install them

        > yourself anyway

        > % (eg. Apache, MySQL, Oracle, etc.)

        >

        >

        > Ouch! Any high-level admin I know would

        > (re)package the build, not install from

        > tarball. Delivering slackware is the

        > worst thing that IT may do to an

        > enterprise, it's just a mess to hand

        > over or take over. Seen that :(

        >

        > Oracle is a special case though.

        >

        Well I have the opposite experience. I always had to solve problems which were unsolvable with current distros (had to use my own patched kernel, reinstall most server apps, etc. to get things going). Nowadays distros have become much more powerful but also much more bloated and some of the configurations are so ridiculous that they are way off from being secure. So I don't trust them.


        >

        > You can look here to find that ALT's

        > basesystem is *very* spartan (removing

        > apt and libs needed makes tarball ~4M

        > smaller yet):

        >

        That's exactly what I don't like with some distros (eg. Debian). If you install the core system you are actually left with a system which contains too few apps. For example I want to be able to compile a kernel and want to have all tools I usually use. That's the difference to Secure-SLinux and other distros: Neither too bloated nor too few packages.


        >

        > % "professional enterprise servers":

        > % Can you tell me a single app which

        > will

        > % not run under 2.4.* kernels?

        >

        >

        > glibc-2.4+ and NPTL :(

        >

        Not true: glibc-2.4+ with linuxthreads works just fine. NPTL is pretty much the only thing which does not work with kernel 2.4 - but applications work with both threading solutions and linuxthreads is good enough for most server needs. If you do need NPTL then you will have to switch to kernel 2.6. Soon Secure-SLinux will come with both kernel 2.4 and 2.6, then there won't be any problem anymore.


        >

        > I did prefer 2.4.x until the last year

        > (ca. 2.6.18) when I/O sched got fixed,

        > particularly, and our distro switched

        > mostly due to hardware support and

        > recent glibc. There wasn't much sense

        > to stay until it would be officially

        > unsupported.

        >

        I have seen recent kernels not being able to boot certain servers. Since I cannot test my distro on many different hardware layouts - I rather stick to a solution which works everywhere. I will switch to 2.6 when the development has stabilised. Currently there are still some redesigns underway which are quite fundamental.


        >

        > BTW do you employ chrooted

        > services? :)

        >

        Yes. The DNS server for example. However gradm provides much stronger restrictions than chroot. So use that to force _all_ apps to run in their restricted environment.


        >

        > % Secure-SLinux tries a practical

        > balance

        > % between the two.

        >

        >

        > The funny thing is "we do too" :)

        >

        Why is this funny? Do you think there is only one kind of balance?


        >

        > I'm also not an expert in security but

        > do have some experience in this area,

        > most of it being just practical.

        >

        What makes you think that I am not an expert on security? I have been working in this area for over 10 years! And I have been designing Secure-SLinux exactly because I was not amazed by the major distros. It's just that a lot of so called "security measures" which you find a lot in major distros and lots of security apps which are sold for lots of money aren't really secure. That's why I do things differently. You cannot secure a system by making it more complex. Humans always are erroneous. You have to break complexity down. That's why a good firewall disallows everything by default and you have to tell it exactly where it should be open. If you get it wrong, it won't accidentally open a hole. That's why Secure-SLinux kills apps which misbehave rather than relying on updates (which are good otherwise but you cannot rely on them as a security measurement). Secure-SLinux may not be the perfect answer to security and one certainly could do more - but it's a simple and very effective solution for lots of servers.


        >

        > It's pretty boring to maintain a distro

        > with two hands from kernel to website,

        > I've seen that in detail.

        >

        I like it. And if anyone wants to join - just write to info@secure-slinux.org!


        >

        > Anyways, thanks for the answers and good

        > luck!

        >

        Thanks for your replies and also good luck!



        --
        Sebastian Faulborn Homepage: www.secure-slinux.org



          [»] distro security approaches
          by Michael Shigorin - Aug 9th 2007 03:59:48


          > The problem is that you assume that when

          > all packages are bug free, you are on

          > the safe side.

          Nope, I'm seeing security as a multi-stage defense line with varied methods involved.


          > So what can we do? A hardened system

          > detects malicious behaviour and kills

          > applications accordingly.

          We do SSP and PIE by default in gcc AFAIR (together with -DFORTIFY_SOURCE and hardened glibc, and quite a few other infrastructural barriers), but that's a layer pretty independent of packaging/updates.

          Re "sellers claiming", ALT's implementation/buzz ratio is definitely higher than "market average" ;) It's very much a technocratic distro/project, not marketing one.


          > Well if you read a bit more carefully:

          > Secure-SLinux claims that it contains

          > all those little programs you need for

          > your everyday work and also all

          > libraries you need for most applications

          > you want to install.

          *sigh*. It *cannot*, by definition. You cannot even know what "all" little programs I do use daily, you might even not have heard of some of them. The same would go for me if I'd advertise anything to you as containing "everything you need*" and a fine print that you can build the rest yourself anyways.

          Frankly, I'm against that sort of advertisement, but of course it's up to you.

          (re "big apps" -- there's always at least some possibility for "generally good enough" package of those more mature projects; cases needing rebuild are more rare these days -- given sane distro at least, I'm not talking of every one out there)


          > I always had to solve problems which were

          > unsolvable with current distros [...]

          > So I don't trust them.

          Well I can offer you some sort of exchange: you look at current ALT regarding security and consistence with the job, I look at SSLX regarding the same (probably with some mail conversation). At least that might be interesting experience given "opposites" above :)


          > That's exactly what I don't like with

          > some distros (eg. Debian). If you

          > install the core system you are actually

          > left with a system which contains too

          > few apps. For example I want to be able

          > to compile a kernel and want to have all

          > tools I usually use.

          Hey but you *can* install a compiler with a single pass of apt-get! ;-) (both in Debian and ALT, even if they do dpkg and we do rpm)

          Re usual tools, that was one of the major factors for me personally to change distros; re kernel, as I've said, I gave up on building those since I cannot really build a better one than I already have on a silver plate (that just works).


          > That's the difference to Secure-SLinux and other

          > distros: Neither too bloated nor too few

          > packages.

          That might only be true for one person, its author. Trust me there are no two identical opinions on what should be in basesystem. :)

          That's why minimalistic basesystem with large package base and reasonable default install is so nice: you can kick the CD in and be up and running in minutes, while being able to strip off unneeded stuff or add what's missing by default (or just build custom ISO off the same repository if that's frequent but lobbying needed packages into default setup is generally unreasonable).


          > % glibc-2.4+ and NPTL :(

          > Not true: glibc-2.4+ with linuxthreads

          logical "and"


          > Soon Secure-SLinux will come with both

          > kernel 2.4 and 2.6, then there won't be

          > any problem anymore.

          I wish there could be any distro solving that, but you're not going to do "NPTL or 2.4" without providing two builds of glibc and two builds of at least MT apps AFAIK. We _did_ stick to 2.4 as long as we could, until it was more really stable than really stale.


          > I will switch to 2.6 when the development has

          > stabilised. Currently there are still

          > some redesigns underway which are quite

          > fundamental.

          Yup, our current kernels in 4.0 (standard and openvz) are 2.6.18-based. For different reasons but some of them are like yours too.


          > % % Secure-SLinux tries a practical

          > % % balance between the two.

          > % The funny thing is "we do too" :)

          > Why is this funny? Do you think there is

          > only one kind of balance?

          Exactly the opposite -- because there can be different kinds, but that's one of the stated goals for our distro.


          > % I'm also not an expert in security

          > What makes you think that I am not an

          > expert on security? I have been working

          > in this area for over 10 years!

          Sorry, it was meaning "I'm also", not "also not an expert". That is, not referring to you [indirectly].

          I'm working with Linux since 1998, and was following bugtraq since 1999 or 2000 until its SNR ratio dropped below secunia's advisories; on ALT Linux Team since 2001. There was exactly one known case of one of my publicly accessible ALT-based systems being supposedly broken into, and that was #1 remote hole in OpenBSD.

          But that's a compliment to Dmitry Levin, Sergey Vlasov and some other security/kernel pros on the team, not myself.


          > You cannot secure a system by making it more
          > complex. Humans always are erroneous.

          Exactly.


          > That's why Secure-SLinux kills apps which
          > misbehave rather than relying on updates
          > (which are good otherwise but you cannot
          > rely on them as a security measurement).

          That's far from perfect, as discussed e.g. on bugtraq@ many times. Bringing remote code exec down to remote DoS is better than not but it's still a DoS, and providing security updates so the condition resulting in that would not be met in yet another situation (which is rather beyond the possibilities of two hands from what I see if the distro pretends to be at least a bit universal).


          > I like it. And if anyone wants to join -
          > just write to info/secure-slinux.org!

          Prepare for questions like these from those who might consider joining and whom you'd rather welcome than just have to educate from the ground up. :)

          --
          Michael Shigorin mike SOMEWHERE AT altlinux PLUS DOT org



            [»] Re: distro security approaches
            by Sebastian Faulborn - Aug 11th 2007 11:25:55


            > % So what can we do? A hardened system
            > % detects malicious behaviour and kills
            > % applications accordingly.
            >
            > We do SSP and PIE by default in gcc
            > AFAIR (together with -DFORTIFY_SOURCE
            > and hardened glibc, and quite a few
            > other infrastructural barriers), but
            > that's a layer pretty independent of
            > packaging/updates.

            You cannot nearly compete with GRSecurity/PAX or SELinux if you "just" use SSP/PIE and a few other practical measurements. GRSecurity/PAX or SELinux provide hardening on totally other levels. See the discussion on hardened Gentoo about this.

            Again I agree with you that keeping your system up2date is a good thing - but honestly, do you really believe that just by fixing a couple of bugs will make you safe considering that a system as huge as linux contains thousands of potential bugs (which will officially never be found/fixed)?


            > Re "sellers claiming", ALT's
            > implementation/buzz ratio is definitely
            > higher than "market average" ;) It's
            > very much a technocratic distro/project,
            > not marketing one.

            I don't understand why you always defend ALT linux. I am sure that ALT linux is an excellent distro and it probably has its points. I did not develop Secure-SLinux to attack ALT linux. I developed it so that I have a distro which does not have the shortcomings of lots of the major distros (as far as my uses are concerned) - and Secure-SLinux actually turned out to be so good that I made it available to the public for those which are equally minded.

            I am not claiming that Secure-SLinux is the only solution - there are others with their advantages and disadvantages. That's up to the user's choice which distro he prefers.

            I just want to make the point that this site is for discussion about Secure-SLinux. It's not meant for advertising ALT linux or defending it or attacking Secure-SLinux. If you have a point, you may discuss it but please keep it technical.


            > You cannot even know what "all" little
            > programs I do use daily, you might even
            > not have heard of some of them.

            Ouch! You are pedantic! If this is your only problem you have with Secure-SLinux then Secure-SLinux must be a really excellent distribution!!! ALT linux throws with words such as "universal" and "complete office solution" - how do you know what I need? Secure-SLinux provides more useful progs than some of the major distros although most major distros come with thousands of packages. However it's up to you to install what you will be running. I won't discuss it further. I get the point you don't like my wording. Can we leave it at that?


            > Hey but you *can* install a compiler
            > with a single pass of apt-get! ;-) (both
            > in Debian and ALT, even if they do dpkg
            > and we do rpm)

            It's not just the compiler. You need binutils, make and a lot of other progs too and a lot of header files in /usr/include.

            Anyway, Secure-SLinux is not intended for those who just want to use a graphical RPM based installer and who don't know anything about the internals. So this discussion - again - is of no point. You are simply discussing something which Secure-SLinux is not intended for. And Secure-SLinux does not try to compete with ALT linux. Actually Secure-SLinux does not try to compete with any distro: if you like it, use it. Otherwise don't!


            > change distros; re kernel, as I've said,
            > I gave up on building those since I
            > cannot really build a better one than I
            > already have on a silver plate (that
            > just works).

            Secure-SLinux is for those who have no problem in compiling a new kernel and I really see no problem or magic in compiling a new kernel (although Secure-SLinux comes with precompiled kernels so there is normally no need to compile one yourself).


            > Prepare for questions like these from
            > those who might consider joining and
            > whom you'd rather welcome than just have
            > to educate from the ground up. :)

            Don't you see that you are constantly being negative? And anyhow: why should you bother what kind of people consider joining development of Secure-SLinux?

            What are you really seeking? Are you not confident enough about your ALT linux that you have to seed doubt in other people's distros on their homepages?

            I wouldn't mind if you had constructive criticism (and also come with some solutions). Grow up boy and tell me what you're really after!


            --
            Sebastian Faulborn Homepage: www.secure-slinux.org



              [»] good luck, anyways
              by Michael Shigorin - Aug 12th 2007 15:05:38

              [moved to top]

              > but honestly, do you really believe that
              > just by fixing a couple of bugs will make you safe

              Honestly, I just don't even consider my safety dependent on computer systems (particularly online ones). There's limitation for everything, I don't trust things that complex what should not be. That simple.

              [sigh]

              > If you have a point, you may discuss it but please
              > keep it technical.

              I try, just some of it (like "enterprise" stuff) isn't only technical. OK, moving to email (if you find the links there interesting).


              > You are simply discussing something which
              > Secure-SLinux is not intended for.

              But why do you -- I'd say "falsely" to a friend! -- advertise it as such then?

              I'm sometimes asked for very custom (or odd) things on community side; my problem is often to be able to either recommend something orthogonal but nice (like DeLi last week) -- or warn against something well-known but non-robust (like Slackware).

              I've tried to:

              - understand what nice/unique features and application possibilities this distro might have;
              - possibly share some dev/user experience;
              - probably point out that some of the gorgeous description is inaccurate after having asked,

              but managed to offend you. That wasn't intended, sorry.


              > Don't you see that you are constantly
              > being negative? And anyhow: why should
              > you bother what kind of people consider
              > joining development of Secure-SLinux?

              Probably I was a bit.

              Last time I've been seriously negative about other people's pet projects was "Linux Netwosix". That was another distro by a boy who was actively advertising it as an "enterprise secure server", even spammed bugtraq with update announces, and funny enough stressed its tarball grade simplicity and quick installation.

              The project's long "on hold" with overall maintenance period being like half a year.

              He could avoid bothering, gathering, and then frustrating people -- or at least the latter part -- by listening to my advice back then (which accompanied the bug report on world writable files/dirs in his "secure" tarballs).

              You sure miss his technical incompetence but missing organizational clue, responsibility or spare time is or becomes very often the case. It's better understood in advance than not.

              That's "why".


              > I wouldn't mind if you had constructive
              > criticism (and also come with some
              > solutions). Grow up boy and tell me what
              > you're really after!

              Well, I'm 28 M.Sc. boy who's after interesting people (to communicate sometimes) and interesting projects (sometimes helping them, sometimes just using results). The two major projects I currently participate in are ALT Linux and TYPO3 CMS, if that matters.

              If my knowledge that:

              - a non-managed (at least in terms of bare packages) product cannot be considered (and should not be declared) "secure" in enterprise these days;

              - single-sided approach to security (like "RBAC/MAC-only" or "updates-only") is not generally reasonable;

              - there might be already solutions for many problems not handled in major distros but done elsewhere

              is worth nothing to you, well, you can delete the comments (or ask FM folks to) and consider that wasted time (yours and mine).

              Or check your email for technical part that might be interesting if you want.

              [skipped a couple yups re kernel, compiler, binutils...]

              [rant]


              > I did not develop Secure-SLinux to attack ALT linux.

              Sorry, I didn't comment to bash SSLX too. Rather comparing what's common in goals or tools, and what differs.

              I might be attacking some "ad" statements that I personally find misleading, but that's completely different and not at all specific to your webpages only.

              I've somehow thought German developers are ever *so much* pedantic that it's a bug to be reported against a public description! :)

              Yes, let's leave it at that. Sorry for overemphasizing, if my wording feels like that to you.

              --
              Michael Shigorin mike SOMEWHERE AT altlinux PLUS DOT org



                [»] Re: good luck, anyways
                by Sebastian Faulborn - Aug 16th 2007 11:47:47

                Thanks for your constructive reply! It would be nice if people who want to discuss Secure-SLinux could do so in our forum - otherwise this project page will soon become rather long! Thanks!

                --
                Sebastian Faulborn Homepage: www.secure-slinux.org





© Copyright 2008 SourceForge, Inc., All Rights Reserved.