Re: RFD: new section ("secure"?)
On Sun, Jan 16, 2000 at 10:51:20AM -0700, Bear Giles wrote:
> Inspired in part by the relaxation of US crypto export regulations,
> I would like to RFD discussion of a new Debian section, possibly
> called "secure."
[deletia]
> - all packages listed above, or added to the "secure" section later,
> will have "Provides:" and "Replaces:" fields to allow a secure
> alternative to replace them without causing dependency problems
> or arcane version information. In this case, the secure package
> should have a unique name, e.g., "cvs" becomes "kcvs", "lprng"
> becomes "klprng."
would this also include more secure/paranoid base/commonly used packages?
removal of the non-essential suid bits on stuff like mount and chrooting bind
are some of the first things i do to machines although i do suppose these
minor tweaks could be handled as a low priority option in debconf.
also, i don't see anything about chroot jails in the FHS or the policy, do we
have anything on record about this?
--
nathan a ferch
nf@marginal.net
"Ghostbusters ... Yes, it is ... Yes, of course they're serious. You do! You have! Yes, sir. Well, they're out on another case now, but if you'll give me the address ... Don't worry, they'll be totally discreet." -Janine
Reply to: