Date: Fri, 13 Aug 1999 03:18:14 +0400 From: "Mikhail A. Sokolov" <mishania@demos.net> To: Tom Brown <tomb@securify.com> Cc: "'freebsd-security@freebsd.org'" <freebsd-security@freebsd.org> Subject: Re: "Secure-FreeBSD" Idea Message-ID: <19990813031813.A94114@demos.su> In-Reply-To: <01BEE4A8.6FE3EEC0@beetroot.securify.com>; from Tom Brown <tomb@securify.com> on Thu, Aug 12, 1999 at 09:52:48AM -0700 References: <01BEE4A8.6FE3EEC0@beetroot.securify.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Aug 12, 1999 at 09:52:48AM -0700, Tom Brown wrote: # HI, # # Now realistically all this would have to be is a really anal installation process, forcing the user to positively select services such as ftp,telnet, sendmail etc. So if you don't select anything, you can't much. It would also have carefully set UMASKS and probably come with some easy way to get the user to set-up tripwire and ipfw for example. # # I suspect that most of the readers of this list spend a fair amount of time going through the same laborious process of tying down each server they built. How about we pools this vast collection of procedures together and try to build some kind of a security release. We all know (well at least I hope we do!) what a solid O/S FreeBSD is, wouldn't this be the ideal opportunity, to push the OS further into the public eye? Robert Watson has some tools, which are supposed to be bringing standard system install to somewhat more secure state, it was under the idea of 'the freebsd hardening project'. I guess he reads this list and could comment, actually. # # Tom -- -mishania P.S. Please wrap lines when composing mails. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990813031813.A94114>