[MLB-WIRELESS] *nix system for begginers

KevinL darius at obsidian.com.au
Mon Jul 8 14:09:25 EST 2002


Urk.

chroot() on a standard system is not as secure as all that - get root
inside a chroot environment by whatever means, and you can likely
leverage that to root across the system.  It's a hinderance, but not a
mammoth one.

Check http://www.solucorp.qc.ca/miscprj/s_context.hc for a virtual
server project that provides at kernel-level the same sort of
capabilities that FreeBSD's jails provide - that's a much saner solution
(and allows for interesting games like running different distro's on the
same server).

See previous message about not feeding the trolls, though - horses for
courses, and all that.  People love the system they know the best, and
99% of the time the choice is better made on what you know, or what
you're comfortable with, than on any particular difference between linux
and freebsd, debian and redhat &etc.  The differences are too minor,
imnsho - they all have strengths and weaknesses.

KJL

On Mon, 2002-07-08 at 14:02, evilbunny wrote:
> Hello Brendan,
> 
> I guess that's what hurd is supposed to fix... I run it on productions
> systems, and don't have problems, chroot is for those truly worried,
> after all if you chroot all processes to the /home dir for example,
> and the only way to get root is with a reboot into single user mode? for
> those truly worried about security, unplug the computer from the
> wall, after all if they can't get access to it, they can't crack it...
> 
> -- 
> Best regards,
>  evilbunny                            mailto:evilbunny at sydneywireless.com
> 
> http://www.SydneyWireless.com - Exercise your communications
> freedom to make it do what you never thought possible... 
> 
> Monday, July 8, 2002, 1:57:52 PM, you wrote:
> 
> BH> But it's biggest flaw still exits.
> BH> It is Linux based.
> 
> BH> -ProFX
> 
> BH> From: "evilbunny" <evilbunny at sydneywireless.com>
> 
> >> Erm debian doesn't move config files, and comparing it to RH, mmm so
> >> much for your argument there and then, it's quite simple to secure any
> >> system, if it's not needed disable it... and then firewall the shit
> >> out of it...



To unsubscribe: send mail to majordomo at wireless.org.au
with "unsubscribe melbwireless" in the body of the message



More information about the Melbwireless mailing list