LFS Paper on Secure Servers

EC wingman at waika9.com
Sat Oct 2 10:27:45 PDT 2004


>De : lfs-security-bounces at linuxfromscratch.org [mailto:lfs-security-
>bounces at linuxfromscratch.org] De la part de Bruce Dubbs
>Envoyé : samedi 1 mai 2004 08:58
>À : lfs-dev at linuxfromscratch.org; BLFS Development List; LFS Security
>Discussion List
>Objet : LFS Paper on Secure Servers
>
>I've been working on a major paper based on LFS for the last few months
>and have now come to the point where it should be released.  The paper
>is at:
>
>http://www.linuxfromscratch.org/~bdubbs/secure-linux.pdf
>http://www.linuxfromscratch.org/~bdubbs/secure-linux.html
>
>The files are also available at:
>
>http://sol.sac.accd.edu/~bdubbs/secure-linux.pdf
>http://sol.sac.accd.edu/~bdubbs/secure-linux.html
>
>so you might want to use that site to not overload the main lfs site.

Hello Bruce, as I already said this is a very good document. Though it's an
old message, I am still looking at it from time to time. At the time I
suggested grsecurity patch (not necessarily the ACL), postfix/qmail since
the document seems security oriented. 
I do have a question: you said sendmail was chosen in order to use same tool
as other servers in you system. Is BIND a same kind choice ? Did you
consider DJBDNS ?

Emmanuel.






More information about the lfs-security mailing list