| 1 |
On Sat, 25 Sep 2004 19:26:26 +0200 Bart Lauwers <blauwers@g.o> |
| 2 |
wrote: |
| 3 |
| 1) Safety is important, it should be our aim to have our |
| 4 |
| default system as secure as it possibly could be. |
| 5 |
|
| 6 |
Uh, no. A *reasonable* level of security is good. "As secure as it |
| 7 |
possibly could be" means turning on grsec, selinux etc in maximum |
| 8 |
security mode, which makes a box unusable unless you spend a lot of |
| 9 |
time screwing around with things. Nothing wrong with that under certain |
| 10 |
circumstances, of course, but it should *not* be a default. |
| 11 |
|
| 12 |
| 3) A good housefather does not leave the front door of any home open |
| 13 |
| at night. |
| 14 |
|
| 15 |
There is a difference between leaving the front door open and installing |
| 16 |
fifty seven locks on the door. |
| 17 |
|
| 18 |
| Anyone who thinks that a speed tradeoff is too much for better |
| 19 |
| protection is crazy. Do us all a favor and play a go night of russian |
| 20 |
| roulette by yourself to get your thrills. |
| 21 |
|
| 22 |
You could equally say that anyone who is prepared to take a nasty |
| 23 |
performance hit for possible slight damage mitigation is paranoid. There |
| 24 |
is a huge difference between "not using ssp" and "playing russian |
| 25 |
roulette". |
| 26 |
|
| 27 |
I kinda wonder about the security FUD certain people are spreading... |
| 28 |
|
| 29 |
-- |
| 30 |
Ciaran McCreesh : Gentoo Developer (Sparc, MIPS, Vim, Fluxbox) |
| 31 |
Mail : ciaranm at gentoo.org |
| 32 |
Web : http://dev.gentoo.org/~ciaranm |
Archives