Re: From release notes for FC5T3 (web)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
Subject: Re: From release notes for FC5T3 (web)
From: Rahul Sundaram <sundaram@xxxxxxxxxxxxxxxxx>
Date: Tue, 07 Mar 2006 17:36:25 +0530
In-reply-to: <440D0E5F.70809@xxxxxxxxxxxxxx>
References: <440BA051.6030406@xxxxxxxxxxxxxx> <440BE327.7000009@xxxxxxxxxxxxxxxxx> <440C2482.2090003@xxxxxxxxxxxxxx> <440C3092.9050708@xxxxxxxxxxxxxxxxx> <440CDEC6.7030000@xxxxxxxxxxxxxx> <440CF130.5030902@xxxxxxxxxxxxxxxxx> <440D0E5F.70809@xxxxxxxxxxxxxx>
Reply-to: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20060130 Red Hat/1.7.12-1.4.2

Jim Cornette wrote:

Security issues should be set with rational defaults where servicesthat can decrease security need to be manually activated to install. Ihope that security issues are dealt with regardless to whether one hasa fully loaded arsenal of packages or a limited installation.

The potential security issues are not limited to open ports and runningservices but having the system affected through exploits on thesoftware installed even when you might have never used them.

I vaguely recall one program that even if it was not set active, thedefault password was set to something like Q and would hinder securityon a Linux install. I do not recall what the program was though.Your point that having a package with dangerous capabilities doeshold water for this previous problem with older installs. One couldhack in and have the tools they need in order to command ones computer.

Its better to make the post installation package management flexibleenough to deal with all kinds of use cases on adding and removingadditional software on the system IMO.

--

Rahul

Follow-Ups:
- Re: From release notes for FC5T3 (web)
  - From: Jim Cornette
- Re: From release notes for FC5T3 (web)
  - From: Bruno Wolff III

References:
- From release notes for FC5T3 (web)
  - From: Jim Cornette
- Re: From release notes for FC5T3 (web)
  - From: Rahul Sundaram
- Re: From release notes for FC5T3 (web)
  - From: Jim Cornette
- Re: From release notes for FC5T3 (web)
  - From: Rahul Sundaram
- Re: From release notes for FC5T3 (web)
  - From: Jim Cornette
- Re: From release notes for FC5T3 (web)
  - From: Rahul Sundaram
- Re: From release notes for FC5T3 (web)
  - From: Jim Cornette

Prev by Date: Re: Missing Dependency: libavcodec.so.51
Next by Date: Re: Missing Dependency: libavcodec.so.51
Previous by thread: Re: From release notes for FC5T3 (web)
Next by thread: Re: From release notes for FC5T3 (web)
Index(es):
- Date
- Thread

[Index of Archives] [Current Fedora Users] [Fedora Desktop] [Fedora SELinux] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools] [Fedora Docs]

Powered by Linux