[MLB-WIRELESS] *nix system for begginers
KevinL
darius at obsidian.com.au
Mon Jul 8 14:09:25 EST 2002
Urk.
chroot() on a standard system is not as secure as all that - get root
inside a chroot environment by whatever means, and you can likely
leverage that to root across the system. It's a hinderance, but not a
mammoth one.
Check http://www.solucorp.qc.ca/miscprj/s_context.hc for a virtual
server project that provides at kernel-level the same sort of
capabilities that FreeBSD's jails provide - that's a much saner solution
(and allows for interesting games like running different distro's on the
same server).
See previous message about not feeding the trolls, though - horses for
courses, and all that. People love the system they know the best, and
99% of the time the choice is better made on what you know, or what
you're comfortable with, than on any particular difference between linux
and freebsd, debian and redhat &etc. The differences are too minor,
imnsho - they all have strengths and weaknesses.
KJL
On Mon, 2002-07-08 at 14:02, evilbunny wrote:
> Hello Brendan,
>
> I guess that's what hurd is supposed to fix... I run it on productions
> systems, and don't have problems, chroot is for those truly worried,
> after all if you chroot all processes to the /home dir for example,
> and the only way to get root is with a reboot into single user mode? for
> those truly worried about security, unplug the computer from the
> wall, after all if they can't get access to it, they can't crack it...
>
> --
> Best regards,
> evilbunny mailto:evilbunny at sydneywireless.com
>
> http://www.SydneyWireless.com - Exercise your communications
> freedom to make it do what you never thought possible...
>
> Monday, July 8, 2002, 1:57:52 PM, you wrote:
>
> BH> But it's biggest flaw still exits.
> BH> It is Linux based.
>
> BH> -ProFX
>
> BH> From: "evilbunny" <evilbunny at sydneywireless.com>
>
> >> Erm debian doesn't move config files, and comparing it to RH, mmm so
> >> much for your argument there and then, it's quite simple to secure any
> >> system, if it's not needed disable it... and then firewall the shit
> >> out of it...
To unsubscribe: send mail to majordomo at wireless.org.au
with "unsubscribe melbwireless" in the body of the message
More information about the Melbwireless
mailing list