[arch-general] New Google Group for discussion and notices on Arch security.

Jeroen Op 't Eynde jeroen at xprsyrslf.be
Thu Jun 17 18:58:18 EDT 2010


On Fri, 18 Jun 2010 00:35:19 +0200, Miah Johnson <miah at chia-pet.org> wrote:

> Things to remember:
> 1. There is no such thing as "secure".
> 2. Proper security consists of multiple layers of defense.
> Additional examples of things the AST could do:
> 1. Propose changes to default configuration files to be "more secure", and
> have more documentation around setting up services in a more secure fashion.
> 2. Assist with SELinux & GRsecurity projects.
> 3. Propose changes to initscripts to make sure software drops privileges and
> chroots where possible, or at least make it easier to enable such features.
> 4. pie / ssp
> 5. PaX
> 6. Audits

First of all, please don't top post. It is really annoying.

A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
A: Top-posting.
Q: What is the most annoying thing in e-mail?

Back on topic:

Start a security team while there isn't anything like secure? Alright, I
get the point, but I guess Arch has the natural ability to become stable
faster just because of the bleeding edge. Software bugs get tackled
faster, patches are quickly spread, not waiting for months like many other
distros. I know running the newest code doesn't mean secure, but that
choice is up to the user (check the svn and use abs and so on).

Other examples, hmm. You can still propose changes, you don't need a team
to write a patch for a configuration file or the initscripts. SELinux is
not even in community, maybe apply for becoming a TU for it? Or help out
at Fedora or wherever it is developed? I don't know much about
GRsecurity/PaX/SSP/Audits, but check the Wiki and try to help out there,
discuss it there. People who are interested should be following those pages
and contribute, the same for SELinux. The Wiki pages look really nice. I
don't know pie, but that would probably have something to do with
GRsecurity too.

I guess most of the things are already there, some people want to give it
a name. I'm not stopping you from starting a team, but I just don't believe
in it after seeing so many fails. (I'm not a Dev nor a TU, just giving my
opinion.)


-- 
To read: http://en.wikipedia.org/wiki/Posting_style#Bottom-posting

