sysklogd priv separation

Bennett Todd bet at rahul.net
Sun Jan 23 13:35:59 PST 2005


2005-01-23T20:56:05 Heiko Zuerker:
> You have to be careful not to make HLFS too geeky, because
> security is for everybody and should be used by everybody.

Security isn't a boolean, on/off function. It's not even a simple
scalar value. It's a great collection of tradeoffs, scattered all
over.

As a convenience, we've identified a few common categories of
"security issue", and given them commonly-agreed-on classifications;
e.g.

	remote root --- totally unacceptable, emergency
	local root --- bad, fix fast
	local potential data loss in non-default config ---
		not great, fix in the next major release

Of course there's zillions of such.

All Linux distros (and other OS maintainers too, of course) are
pursuing the same course in trying to tighten up security as far as
they can without causing end-user pain; and it's paying off, we're
up to months before a default install of a contemporary distro gets
burgled, up from days. These are the "security that's for
everybody".

Now what's HLFS? I'm a lurker, not one of the leaders nor even
an active contributor (other than donating kibitzing comments
periodically:-). But my impression is that HLFS is an LFS variant,
with all that implies --- focus on education, producing a book,
which teaches its readers how to assemble one of these HLFS thingies
from raw ingredients.

How does an HLFS thingie differ from an LFS? It's an exercise in
introducing advanced system-hardening technologies, tricks that
thwart commonly-used bug-exploiting strategies, or that allow
limiting damage when an exploit does blow through. This focus is
kinda orthogonal to the common work all distros and developers are
pursuing, trying to pick software least likely to have bugs, fixing
bugs promptly when they're found, auditing code to try and find 'em
before bad guys, working for more secure default configs, etc.

HLFS is working near the cutting edge of system-hardening
technologies; if it succeeds in proving them highly practical in
real, useful, comfortable systems, it may help drive them into the
limelight. LFS-x for some x greater than 6, e.g.:-). But their
practicality and applicability for casual users shouldn't, in my
opinion, be a gating criterion; HLFS presses beyond the casual.

-Bennett